US20250036795A1

US20250036795A1 - Computing platform for facilitating data exchange among computing environments

Info

Publication number: US20250036795A1
Application number: US18/917,909
Authority: US
Inventors: Shiven Patel; Jason L. Sabourin; Sinu John; Siju George; Ashish R.; Shivakumar Umadi; Sahaj Rao
Original assignee: OneTrust LLC
Current assignee: OneTrust LLC
Priority date: 2021-08-05
Filing date: 2024-10-16
Publication date: 2025-01-30
Also published as: US20250036796A1; US20230038573A1; US20250036794A1; US12153704B2

Abstract

Various aspects of the disclosure provide methods, apparatus, systems, computing devices, computing entities, and/or the like for facilitating the exchange of data among a diverse group of first and third party computing environments. Accordingly, various aspects of the disclosure provide a data exchange computing platform that facilitates data exchange among a diverse group of first and third party computing environments. In some aspects, the data exchange computing platform provides a data exchange service available to various first and third parties who wish to exchange data.

Description

CROSS-REFERENCE TO RELATED APPLICATIONS

This application is a divisional of U.S. patent application Ser. No. 17/881,076, filed on Aug. 4, 2022, which claims the benefit of and priority to U.S. Provisional Patent Application No. 63/229,854, filed on Aug. 5, 2021. Each of the aforementioned applications is hereby incorporated by reference in its entirety.

TECHNICAL FIELD

The present disclosure is generally related to systems and methods for processing data requests involving exchange of data between computing environments while protecting the data from maliciously caused destruction, unauthorized modification, or unauthorized disclosure.

BACKGROUND

A significant challenge encountered by many entities such as organizations, corporations, companies, and/or the like is mitigating risks associated with integrating computer-related functionality provided by third party computing systems (e.g., software, storage, processing capacity, etc.). For example, a first party may integrate computer-related functionality provided through a third party computing system into a computing system of the first party in the form of a computer-implemented service provided by the third party computing system that interfaces with the first party computing system. In another example, the first party may integrate computer-related functionality provided through the third party computing system into the first party computing system in the form of software functionality provided by the third party computing system that is installed within the first party computing system. Such integrations can expose the first party computing system to signification risk of experiencing some type of incident such as a data security breach, unauthorized access to the first party computing system, malicious attacks on the first party computing system such as malware or ransomware, and/or the like.
To combat this challenge, many first parties will vet the integration of computer-related functionality provided by third party computing systems into first party computing systems to evaluate the risk associated with such integrations and to better understand what challenges may be involved in such integrations. Often, the vetting process involves gathering data (e.g., information) from third parties that are associated with these third party computing systems. For example, a first party may request a third party to complete an assessment to provide information on particular computer-related functionality provided through a third party computing system so that the first party can use such information in performing the vetting process.
However, the data gathering process can present significant technical challenges to many first and third parties. For instance, technical challenges can arise from the fact that the different first parties and third parties that can be involved in the data gathering process may be quite diverse with respect to computing environments in which they operate and the different functionality, capabilities, interfaces, and/or the like among the computing environments. This diversity among the computing environments can often create significant diversity in the way in which these different computing environments communicate and exchange data. Therefore, any particular first or third party may be required to operate their computing environment using a variety of hardware components and/or software components, providing a variety of functionality, capabilities, and/or the like, so that the particular first or third party can take part in the data gathering process with a large number of other first and/or third parties.
In addition, technical challenges can arise due to the number of third parties any one first party may need to gather data from, as well as the volume of data that may need to be gathered from these third parties. The same can be true with respect to the number of first parties any one third party may need to provide data to, as well as the volume of data that may need to be provided to these first parties. For example, the data gathering process can prove to be quite taxiing on a first or third party's computing environment due to a large number of data requests and/or a large amount of data that may be involved in the data gathering process, as well as a large number of first and/or third party computing environments that needs to be interacted with in fulfilling the data requests.
Further, technical challenges can arise due to requirements imposed by first and/or third parties to allow exchange of certain types of data. For example, a third party may require a particular type of data that is considered to be sensitive in nature to be managed with certain security and/or access controls in place. These security and/or access controls can prove to be quite challenging when they need to be implemented within a first party's computing environment so that the computing environment is sufficiently operated to be used in the data gathering process. This can be especially true when the first party may be dealing with multiple third parties who impose different, conflicting requirements that need to be implemented within the first party's computing environment. Accordingly, a need exists in the art for improved systems and methods for facilitating data exchange among a diverse group of first and third computing environments. Various aspects of the disclosure provided herein address such a need.

SUMMARY

In general, various aspects of the present disclosure provide methods, apparatuses, systems, computing devices, computing entities, and/or the like for exchanging data among computing environments. In accordance with various aspects, a method is provided that comprises: receiving, by computing hardware, a request on behalf of a first party to have a third party provide an electronic artifact, wherein: the request is submitted by the first party through a data exchange computing platform, the data exchange computing platform provides a data exchange service that facilitates exchange of electronic artifacts between a plurality of tenants of the data exchange computing platform, and the first party is a first tenant of the plurality of tenants and has a first tenant instance on the data exchange computing platform; determining, by the computing hardware, that the third party is not a tenant of the plurality of tenants; responsive to determining the third party is not the tenant of the plurality of tenants, sending, by the computing hardware, an electronic notification on behalf of the first party to the third party requesting the electronic artifact, wherein the electronic notification comprises an invitation mechanism for facilitating registration of the third party with the data exchange service; receiving, by the computing hardware, an indication of an activation of the invitation mechanism; and responsive to receiving the indication: generating, by the computing hardware, a second tenant instance on the data exchange computing platform for the third party to facilitate the third party being a second tenant of the plurality of tenants; and providing, by the computing hardware, access to the request via the second tenant instance so that the request is automatically available to the third party through the data exchange service.
In some aspects, the method further comprises: providing, by the computing hardware, an upload mechanism through the second tenant instance to facilitate the third party uploading the electronic artifact into the data exchange computing platform; receiving, by the computing hardware and via the upload mechanism, the electronic artifact; and responsive to receiving the electronic artifact: providing, by the computing hardware, access to the electronic artifact to the first party through the first tenant instance; and sending, by the computing hardware, a second electronic notification to the first party indicating the electronic artifact is available through the data exchange service.
In some aspects, the electronic artifact comprises an assessment to be completed by the third party and the method further comprises: providing, by the computing hardware, an access mechanism through the second tenant instance to facilitate the third party accessing the assessment via the data exchange service; receiving, by the computing hardware, a second indication of a second activation of the access mechanism; responsive to receiving the second indication, providing, by the computing hardware, access to the assessment through the second tenant instance; providing, by the computing hardware, an upload mechanism through the second tenant instance to facilitate the third party uploading a completed version of the assessment into the data exchange computing platform; receiving, by the computing hardware and via the upload mechanism, the completed version of the assessment; and responsive to receiving the completed version of the assessment: providing, by the computing hardware, access to the completed version of the assessment to the first party through the first tenant instance; and sending, by the computing hardware, a second electronic notification to the first party indicating the completed version of the assessment is available through the data exchange service.
In some aspects, providing the upload mechanism through the second tenant instance to facilitate the third party uploading the completed version of the assessment into the data exchange computing platform comprises: providing, by the computing hardware, access to autocompletion assessment software through the second tenant instance, wherein the assessment comprises a set of questions and the autocompletion assessment software is configured to automatically identify answers to the set of questions based on previous answers to previous questions provided by the third party in a previous assessment completed by the third party; and processing, by the computing hardware, the assessment using the autocompletion assessment software to identify an answer to at least one question of the set of questions and to load the answer to the at least one question into the assessment as part of generating the completed version of the assessment. In some aspects, generating the second tenant instance on the data exchange computing platform for the third party to facilitate the third party being the second tenant of the plurality of tenants comprises: sending, by the computing hardware, a second electronic communication comprising a conformation mechanism for confirming creation of the second tenant instance for the third party; receiving, by the computing hardware, a second indication of an activation of the conformation mechanism; and responsive to receiving the second indication, creating, by the computing hardware, the second tenant instance on the data exchange computing platform.
In some aspects, the method further comprises: receiving, by the computing hardware and via the second tenant instance, a second request to claim a third party trust profile, wherein the third party trust profile is configured for allowing the third party to manage availability of the electronic artifacts through the data exchange service to the plurality of tenants; and responsive to receiving the second request: locking, by the computing hardware, the third party trust profile so that the third party trust profile is unavailable to be claimed by another tenant of the plurality of tenants; submitting, by the computing hardware, the second request to claim the third party trust profile to be validated; receiving, by the computing hardware, a second indication that the second request to claim the third party trust profile has been validated; and responsive to receiving the second indication, linking the third party trust profile to the second tenant instance in the data exchange computing platform so that the third party trust profile is available to the third party through the second tenant instance.
In some aspects, the method further comprises: receiving, by the computing hardware and via the second tenant instance, a third request to post a particular electronic artifact to the third party trust profile; receiving, by the computing hardware, the particular electronic artifact uploaded through the second tenant instance by the third party; and posting, by the computing hardware, the particular electronic artifact to the third party trust profile so that the particular electronic artifact is publicly available to the plurality of tenants.
In some aspects, the method further comprises: receiving, by the computing hardware and via the second tenant instance, a third request to post a particular electronic artifact to the third party trust profile; receiving, by the computing hardware, the particular electronic artifact uploaded through the second tenant instance by the third party; posting, by the computing hardware, the particular electronic artifact to the third party trust profile so that the particular electronic artifact is privately available to the plurality of tenants; receiving, by the computing hardware and from a particular tenant of the plurality of tenants, a fourth request to access the particular electronic artifact; and responsive to receiving the fourth request: sending, by the computing hardware, a second electronic communication to the third party, wherein the second electronic communication comprises the fourth request to access the particular electronic artifact; receiving, by the computing hardware, a third indication to fulfill the fourth request; and responsive to receiving the third indication, providing, by the computing hardware, access to the particular electronic artifact through a tenant instance associated with the particular tenant.
In accordance with various aspects, a system is provided comprising a non-transitory computer-readable medium storing instructions and a processing device communicatively coupled to the non-transitory computer-readable medium. The processing device is configured to execute the instructions and thereby perform operations comprising: receiving a request on behalf of a first party to have a third party provide an electronic artifact, wherein: the request is submitted by the first party through a data exchange computing platform used in facilitating exchange of electronic artifacts between a plurality of tenants of the data exchange computing platform; and the first party is a first tenant of the plurality of tenants and has a first tenant instance on the data exchange computing platform; sending an electronic notification on behalf of the first party to the third party requesting the electronic artifact, wherein the electronic notification comprises an invitation mechanism for facilitating the third party become a second tenant of the plurality of tenants; receiving an indication of an activation of the invitation mechanism; and responsive to receiving the indication: generating a second tenant instance on the data exchange computing platform for the third party to facilitate the third party being the second tenant of the plurality of tenants; and providing access to the request via the second tenant instance so that the request is automatically available to the third party through the data exchange computing platform.
In some aspects, the operations further comprise: receiving, via an upload mechanism, the electronic artifact, wherein the upload mechanism is provided through the second tenant instance; and responsive to receiving the electronic artifact, providing access to the electronic artifact to the first party through the first tenant instance. In some aspects, the electronic artifact comprises an assessment to be completed by the third party and the operations further comprise: providing access to the assessment through the second tenant instance; providing an upload mechanism through the second tenant instance to facilitate uploading a completed version of the assessment into the data exchange computing platform; receiving, via the upload mechanism, the completed version of the assessment; and providing access to the completed version of the assessment through the first tenant instance. In some aspects, providing the upload mechanism through the second tenant instance comprises: providing access to autocompletion assessment software through the second tenant instance, wherein the assessment comprises a set of questions and the autocompletion assessment software is configured to automatically identify answers to the set of questions based on previous answers to previous questions provided in a previous assessment completed by the third party; and processing the assessment using the autocompletion assessment software to identify an answer to at least one question of the set of questions and to load the answer to the at least one question into the assessment as part of generating the completed version of the assessment.
In some aspects, generating the second tenant instance on the data exchange computing platform for the third party comprises: receiving a second indication of an activation of a conformation mechanism provided in a second electronic communication; and responsive to receiving the second indication, creating the second tenant instance on the data exchange computing platform. In some aspects, the operations further comprise: receiving, via the second tenant instance, a second request to claim a third party trust profile, wherein the third party trust profile is configured for allowing managing availability of the electronic artifacts through the data exchange computing platform to the plurality of tenants; responsive to receiving the second request, locking the third party trust profile so that the third party trust profile is unavailable to be claimed by another tenant of the plurality of tenants; submitting the second request to claim the third party trust profile to be validated; receiving a second indication that the second request to claim the third party trust profile has been validated; and responsive to receiving the second indication, linking the third party trust profile to the second tenant instance in the data exchange computing platform.
In some aspects, the operations further comprise: receiving a particular electronic artifact uploaded through the second tenant instance to post to the third party trust profile; and posting the particular electronic artifact to the third party trust profile so that the particular electronic artifact is publicly available to at least a subset of the plurality of tenants. In some aspects, the operations further comprise: receiving a particular electronic artifact uploaded through the second tenant instance to post to the third party trust profile; posting the particular electronic artifact to the third party trust profile; receiving, from a particular tenant of the plurality of tenants, a third request to access the particular electronic artifact; and responsive to receiving the third request: sending a second electronic communication, wherein the second electronic communication comprises the third request to access the particular electronic artifact; receiving a third indication to fulfill the third request; and responsive to receiving the third indication, providing access to the particular electronic artifact through a tenant instance associated with the particular tenant.
In accordance with various aspects, a non-transitory computer-readable medium is provided having computer-executable instructions that are stored thereon. The instructions that, when executed by computing hardware, configure the computing hardware to perform operations comprising: receiving a request on behalf of a first party to have a third party provide data, wherein: the request is submitted through a data exchange computing platform used in facilitating exchange of data between a plurality of tenants of the data exchange computing platform; and the first party is a first tenant of the plurality of tenants and has a first tenant instance on the data exchange computing platform; receiving an indication to generate a second tenant instance for the third party, wherein the indication is generated as a result of the third party being notified of the request; and responsive to receiving the indication: generating the second tenant instance on the data exchange computing platform for the third party to facilitate the third party being a second tenant of the plurality of tenants; and providing access to the request via the second tenant instance so that the request is available to the third party through the data exchange computing platform.
In some aspects, the operations further comprise: sending an electronic notification on behalf of the first party to the third party notifying the third party of the request for the data, wherein the electronic notification comprises an invitation mechanism and the indication is received as a result of an activation of the invitation mechanism. In some aspects, the operations further comprise: receiving the data via an upload mechanism provided through the second tenant instance; and responsive to receiving the data, providing access to the data to the first party through the first tenant instance. In some aspects, the operations further comprise: receiving, via the second tenant instance, a second request to claim a third party trust profile, wherein the third party trust profile is configured for allowing managing availability of data through the data exchange computing platform to the plurality of tenants; and responsive to receiving the second request, locking the third party trust profile so that the third party trust profile is unavailable to be claimed by another tenant of the plurality of tenants; submitting the second request to claim the third party trust profile to be validated; receiving a second indication that the second request to claim the third party trust profile has been validated; and responsive to receiving the second indication, linking the third party trust profile to the second tenant instance in the data exchange computing platform.
In accordance with various aspects, a method is provided that comprises: sending, by computing hardware, an electronic notification on behalf of a first party to a third party requesting completion of an electronic assessment, wherein: the electronic notification comprises an access mechanism for facilitating access to the electronic assessment and is sent via a data exchange computing platform, the data exchange computing platform provides a data exchange service that facilitates exchange of data between a plurality of tenants of the data exchange computing platform, and the first party is a first tenant of the plurality of tenants and has a first tenant instance on the data exchange computing platform; receiving, by the computing hardware, a first indication of an activation of the access mechanism; responsive to receiving the first indication, providing, by the computing hardware, a graphical user interface for display, wherein the graphical user interface comprises a control element configured for facilitating registration of the third party with the data exchange service; receiving, by the computing hardware, a second indication of an activation of the control element; and responsive to receiving the second indication: generating, by the computing hardware, a second tenant instance on the data exchange computing platform for the third party to facilitate the third party being a second tenant of the plurality of tenants; and providing, by the computing hardware, access to autocompletion assessment software through the data exchange service, wherein the autocompletion assessment software is configured for automatically completing the electronic assessment for the third party so that the electronic assessment can be submitted to the first party through the data exchange computing platform.
In some aspects, the electronic assessment comprises a set of questions and the autocompletion assessment software is configured for automatically completing the electronic assessment for the third party by: comparing each question of the set of questions to each previous question of a set of previous questions found in an answer library, wherein the answer library comprises a corresponding previous answer for each previous question of the set of previous questions provided by the third party for a previous electronic assessment completed by the third party; identifying, based on comparing each question of the set of questions to each previous question of the set of previous questions, an answer to at least one question of the set of questions, wherein the answer comprises the corresponding previous answer for a previous question of the set of previous questions; and populating the answer to the at least one question in the electronic assessment as part of generating a completed version of the electronic assessment.
In some aspects, the electronic notification identifies the autocompletion assessment software is available through the data exchange service. In some aspects, the method further comprises receiving, by the computing hardware via the data exchange computing platform, a request that involves requesting completion of the electronic assessment by the third party, wherein the request is submitted by the first party through the data exchange service and identifies the electronic assessment and the third party. In some aspects, the graphical user interface further comprises a validation control element and the method further comprises, prior to generating the second tenant instance on the data exchange computing platform: receiving, by the computing hardware via the validation control element, input; and validating, by the computing hardware and based on the input, that the activation of the access mechanism is associated with the third party.
In some aspects, the method of claim 1 further comprises: sending, by the computing hardware, a second electronic notification comprising a conformation mechanism for confirming creation of the second tenant instance for the third party; and receiving, by the computing hardware, a third indication of an activation of the conformation mechanism, wherein the second tenant instance is generated based on receiving the third indication. In some aspects, the method of claim 1 further comprises: receiving, by the computing hardware via the data exchange computing platform, a request from the first party for an artifact from the third party, wherein the request is submitted by the first party through the first tenant instance; responsive to receiving the request: sending, by the computing hardware, a second electronic notification to the third party, wherein the second electronic notification identifies the request; and providing, by the computing hardware, access to the request to the third party through the second tenant instance; receiving, by the computing hardware, the artifact uploaded into the data exchange computing platform by the third party through the second tenant instance; and responsive to receiving the artifact: sending, by the computing hardware, a third electronic notification to the first party, wherein the third electronic notification identifies the artifact is available through the data exchange service; and providing, by the computing hardware, access to the artifact to the first party through the first tenant instance.
In accordance with various aspects, a system is provided comprising a non-transitory computer-readable medium storing instructions and a processing device communicatively coupled to the non-transitory computer-readable medium. The processing device is configured to execute the instructions and thereby perform operations comprising: sending an electronic notification on behalf of a first party to a third party requesting completion of an electronic assessment, wherein: the electronic notification is sent through a data exchange computing platform, the data exchange computing platform facilitates exchange of data between a plurality of tenants of the data exchange computing platform, the first party is a first tenant of the plurality of tenants and has a first tenant instance on the data exchange computing platform, and the electronic notification comprises an invitation mechanism for facilitating registration of the third party with the data exchange computing platform and indicates autocompletion assessment software is available through the data exchange computing platform; receiving a first indication of an activation of the invitation mechanism; responsive to receiving the first indication, providing a graphical user interface for display, wherein the graphical user interface comprises a control element configured for facilitating registration of the third party with the data exchange computing platform; receiving a second indication of an activation of the control element; and responsive to receiving the second indication: generating a second tenant instance on the data exchange computing platform to facilitate the third party being a second tenant of the plurality of tenants; and providing the third party with access to the autocompletion assessment software through the second tenant instance, wherein the autocompletion assessment software is configured for automatically completing the electronic assessment for the third party so that the electronic assessment can be submitted to the first party through the data exchange computing platform.
In some aspects, the electronic assessment comprises a set of questions and the autocompletion assessment software is configured for automatically completing the electronic assessment for the third party by: comparing each question of the set of questions to each previous question found in a set of previous question/previous answer pairings, wherein each previous answer of the set of previous question/previous answer pairings was provided by the third party for a previous assessment completed by the third party; identifying, based on comparing each question of the set of questions to each previous question of the set of previous question/previous answer pairings, an answer to at least one question of the set of questions, wherein the answer comprises the previous answer for one previous question/previous answer pairing of the set of previous question/previous answer pairings; and populating the electronic assessment with the answer to the at least one question.
In some aspects, the operations further comprise receiving, via the data exchange computing platform, a request that involves requesting completion of the electronic assessment by the third party, wherein the request is submitted by the first party through the first tenant instance and identifies the electronic assessment and the third party. In some aspects, the graphical user interface further comprises a validation control element and the operations further comprise, prior to generating the second tenant instance on the data exchange computing platform: receiving, via the validation control element, input; and validating, based on the input, that the activation of the invitation mechanism is associated with the third party. In some aspects, the operations further comprise: sending a second electronic notification comprising a conformation mechanism for confirming creation of the second tenant instance for the third party; and receiving a third indication of an activation of the conformation mechanism, wherein the second tenant instance is generated based on receiving the third indication.
In some aspects, the operations further comprise: receiving a request from the first party for an artifact from the third party; responsive to receiving the request, sending a second electronic notification to the third party, wherein the second electronic notification identifies the request; receiving the artifact uploaded into the data exchange computing platform by the third party through the second tenant instance; and responsive to receiving the artifact: sending a third electronic notification to the first party, wherein the third electronic notification identifies the artifact is available; and providing access to the artifact to the first party through the first tenant instance. In some aspects, the operations further comprise linking a third party trust profile to the second tenant instance in the data exchange computing platform so that the third party trust profile is available to the third party through the second tenant instance, wherein the third party trust profile is configured for allowing the third party to manage availability of data through the data exchange computing platform to the plurality of tenants. In some aspects, the operations further comprise: receiving particular data uploaded through the second tenant instance by the third party; and posting the particular data to the third party trust profile so that the particular data is publicly available to the plurality of tenants.
In accordance with various aspects, a non-transitory computer-readable medium is provided having computer-executable instructions that are stored thereon. The instructions that, when executed by computing hardware, configure the computing hardware to perform operations comprising: sending an electronic notification on behalf of a first party to a third party requesting completion of an electronic assessment, wherein: the electronic notification is sent through a data exchange computing platform, the data exchange computing platform facilitates exchange of data between a plurality of tenants of the data exchange computing platform, the first party is a first tenant of the plurality of tenants and has a first tenant instance on the data exchange computing platform, and the electronic notification comprises an invitation mechanism for facilitating registration of the third party with the data exchange computing platform; receiving a first indication of an activation of the invitation mechanism; responsive to receiving the first indication, providing a graphical user interface for display, wherein the graphical user interface comprises a control element configured for facilitating registration of the third party with the data exchange computing platform; receiving a second indication of an activation of the control element; and responsive to receiving the second indication: generating a second tenant instance on the data exchange computing platform to facilitate the third party being a second tenant of the plurality of tenants; and providing the third party with access to autocompletion assessment software through the second tenant instance, wherein the autocompletion assessment software is configured for automatically completing the electronic assessment for the third party.
In some aspects, the electronic assessment comprises a set of questions and the autocompletion assessment software is configured for automatically completing the electronic assessment for the third party by: comparing each question of the set of questions to each previous question found in a set of previous question/previous answer pairings, wherein each previous answer of the set of previous question/previous answer pairings was provided by the third party for a previous assessment completed by the third party; identifying, based on comparing each question of the set of questions to each previous question of the set of previous question/previous answer pairings, an answer to at least one question of the set of questions, wherein the answer comprises the previous answer for one previous question/previous answer pairing of the set of previous question/previous answer pairings; and populating the electronic assessment with the answer to the at least one question.
In some aspects, the graphical user interface further comprises a validation control element and the operations further comprise, prior to generating the second tenant instance on the data exchange computing platform: receiving, via the validation control element, input; and validating, based on the input, that the activation of the invitation mechanism is associated with the third party. In some aspects, the operations further comprise: receiving a request from the first party for particular data from the third party; responsive to receiving the request, sending a second electronic notification to the third party, wherein the second electronic notification identifies the request; receiving the particular data uploaded into the data exchange computing platform by the third party through the second tenant instance; and responsive to receiving the particular data: sending a third electronic notification to the first party, wherein the third electronic notification identifies the particular data is available; and providing access to the particular data to the first party through the first tenant instance. In some aspects, the operations further comprise linking a third party trust profile to the second tenant instance in the data exchange computing platform so that the third party trust profile is available to the third party through the second tenant instance, wherein the third party trust profile is configured for allowing the third party to manage availability of data through the data exchange computing platform to the plurality of tenants.
In accordance with various aspects, a method is provided that comprises: receiving, by computing hardware, an electronic assessment to be completed by an entity, wherein the electronic assessment comprises a set of questions; performing, by the computing hardware, a tokenization technique on the set of questions to generate a first token representation of each question in the set of questions; identifying, by the computing hardware and based on an answer library generated for the entity, a first answer to a first question in the set of questions, wherein: the answer library comprises (i) a set of previous questions answered by the entity for at least one previous electronic assessment, (ii) a second token representation for each previous question in the set of previous questions, and (iii) a previous answer for each previous question in the set of previous questions, and the first answer comprises the corresponding previous answer for a first previous question in the set of previous questions based on a similarity between the corresponding second token representation for the first previous question and the corresponding first token representation for the first question; generating, by the computing hardware and based on a level of the similarity between the corresponding second token representation for the first previous question and the corresponding first token representation for the first question, a first confidence measure, wherein the first confidence measure identifies a confidence in the first answer being correct for the first question; providing, by the computing hardware, a graphical user interface for display, wherein the graphical user interface comprises the first answer to the first question and the first confidence measure; receiving, by the computing hardware and via the graphical user interface, an indication that the first answer is correct for the first question; and responsive to receiving the indication, populating, by the computing hardware, the electronic assessment with the first answer for the first question.
In some aspects, the method further comprises: receiving, by the computing hardware, a first input of a first location of the set of questions found in the electronic assessment; receiving, by the computing hardware, a second input of a second location of answers to provide for the set of questions in the electronic assessment; identifying, by the computing hardware and based on the first location and the second location, a position in the electronic assessment for providing each answer for each question in the set of questions; and generating, by the computing hardware, a mapping comprising the position in the electronic assessment for providing each answer for each question in the set of questions, wherein populating the electronic assessment with the first answer for the first question comprises referencing the mapping to identify the position in the electronic assessment for providing the first answer for the first question and populating the position with the first answer. In some aspects, the method further comprises: extracting, by the computing hardware and based on the first location and the second location, each question in the set of questions from the electronic assessment.
In some aspects, the method further comprises: receiving, by the computing hardware, a selection of the answer library from a set of answer libraries available for the entity. In some aspects, the method further comprises: receiving, by the computing hardware, the at least one previous electronic assessment; extracting, by the computing hardware, the set of previous questions and the previous answer for each previous question in the set of previous questions from the at least one previous electronic assessment; performing, by the computing hardware, the tokenization technique on the set of previous questions to generate the second token representation of each previous question in the set of previous questions; and generating, by the computing hardware, the answer library to include the set of previous questions, the second token representation for each previous question in the set of previous questions, and the previous answer for each previous question in the set of previous questions.
In some aspects, the method further comprises: identifying, by the computing hardware and based on the answer library, a second answer to a second question in the set of questions, wherein the second answer comprises a second corresponding previous answer for a second previous question in the set of previous questions based on a similarity between the corresponding second token representation for the second previous question and the corresponding first token representation for the second question; generating, by the computing hardware and based on a level of the similarity between the corresponding second token representation for the second previous question and the corresponding first token representation for the second question, a second confidence measure, wherein the second confidence measure identifies a second confidence in the second answer being correct for the second question; providing, by the computing hardware, the second answer to the second question and the second confidence measure for display on the graphical user interface; receiving, by the computing hardware and via the graphical user interface, a corrected answer to the second question, wherein the corrected answer is based on a correction made to the second answer to the second question; and responsive to receiving the corrected answer, populating, by the computing hardware, the electronic assessment with the corrected answer for the second question. In some aspects, the method further comprises updating, by the computing hardware, the answer library to include the corrected answer for the second previous question.
In some aspects, the method further comprises: identifying, by the computing hardware and based on the answer library generated for the entity, a second answer to a second question in the set of questions, wherein the second answer comprises a second corresponding previous answer for a second previous question in the set of previous questions based on a similarity between the corresponding second token representation for the second previous question and the corresponding first token representation for the second question; generating, by the computing hardware and based on a level of the similarity between the corresponding second token representation for the second previous question and the corresponding first token representation for the second question, a second confidence measure, wherein the second confidence measure identifies a second confidence in the second answer being correct for the second question; providing, by the computing hardware, the second answer to the second question and the second confidence measure for display on the graphical user interface; receiving, by the computing hardware and via the graphical user interface, a second indication that the second answer is incorrect for the second question; and responsive to receiving the second indication, updating, by the computing hardware, the answer library to include the second question.
In accordance with various aspects, a system is provided comprising a non-transitory computer-readable medium storing instructions and a processing device communicatively coupled to the non-transitory computer-readable medium. The processing device is configured to execute the instructions and thereby perform operations comprising: receiving an electronic assessment to be completed by an entity, wherein the electronic assessment comprises a set of questions; performing a tokenization technique on the set of questions to generate a first token representation of each question in the set of questions; identifying, based on an answer library generated for the entity, a first answer to a first question in the set of questions, wherein: the answer library comprises (i) a set of previous questions answered by the entity for at least one previous electronic assessment, (ii) a second token representation for each previous question in the set of previous questions, and (iii) a previous answer for each previous question in the set of previous questions, and the first answer comprises the corresponding previous answer for a first previous question in the set of previous questions based on a similarity between the corresponding second token representation for the first previous question and the corresponding first token representation for the first question; providing a graphical user interface for display, wherein the graphical user interface comprises the first answer to the first question; receiving, via the graphical user interface, an indication that the first answer is correct for the first question; and responsive to receiving the indication, populating the electronic assessment with the first answer for the first question.
In some aspects, the operations further comprise: receiving a first input of a first location of the set of questions found in the electronic assessment; receiving a second input of a second location of answers to provide for the set of questions in the electronic assessment; and generating a mapping comprising a position in the electronic assessment for providing each answer for each question in the set of questions, wherein: the position is based on the first location and the second location, and populating the electronic assessment with the first answer for the first question comprises referencing the mapping to identify the position in the electronic assessment for providing the first answer for the first question and populating the position with the first answer. In some aspects, the operations further comprise extracting each question in the set of questions from the electronic assessment based on the first location and the second location.
In some aspects, the operations further comprise: extracting the set of previous questions and the previous answer for each previous question in the set of previous questions from the at least one previous electronic assessment; performing the tokenization technique on the set of previous questions to generate the second token representation of each previous question in the set of previous questions; and generating the answer library to include the set of previous questions, the second token representation for each previous question in the set of previous questions, and the previous answer for each previous question in the set of previous questions. In some aspects, the operations further comprise: identifying, based on the answer library, a second answer to a second question in the set of questions, wherein the second answer comprises a second corresponding previous answer for a second previous question in the set of previous questions based on a similarity between the corresponding second token representation for the second previous question and the corresponding first token representation for the second question; providing the second answer to the second question for display on the graphical user interface; receiving, via the graphical user interface, a corrected answer to the second question, wherein the corrected answer is based on a correction made to the second answer to the second question; and responsive to receiving the corrected answer, populating the electronic assessment with the corrected answer for the second question. In some aspects, the operations further comprise updating the answer library to include the corrected answer for the second previous question.
In some aspects, the operations further comprise: identifying, based on the answer library generated for the entity, a second answer to a second question in the set of questions, wherein the second answer comprises a second corresponding previous answer for a second previous question in the set of previous questions based on a similarity between the corresponding second token representation for the second previous question and the corresponding first token representation for the second question; providing the second answer to the second question for display on the graphical user interface; receiving, via the graphical user interface, a second indication that the second answer is incorrect for the second question; and responsive to receiving the second indication, updating the answer library to include the second question.
In accordance with various aspects, a non-transitory computer-readable medium is provided having computer-executable instructions that are stored thereon. The instructions that, when executed by computing hardware, configure the computing hardware to perform operations comprising: receiving an electronic assessment to be completed by an entity, wherein the electronic assessment comprises a set of questions; generating a first token representation of each question in the set of questions; identifying, based on an answer library generated for the entity, a first answer to a first question in the set of questions, wherein: the answer library comprises (i) a set of previous questions answered by the entity for at least one previous electronic assessment, (ii) a second token representation for each previous question in the set of previous questions, and (iii) a previous answer for each previous question in the set of previous questions, and the first answer comprises the corresponding previous answer for a first previous question in the set of previous questions based on the corresponding second token representation for the first previous question and the corresponding first token representation for the first question; providing a graphical user interface for display, wherein the graphical user interface comprises the first answer to the first question; receiving, via the graphical user interface, an indication that the first answer is correct for the first question; and responsive to receiving the indication, populating the electronic assessment with the first answer for the first question.
In some aspects, the operations further comprise: receiving a first input of a first location of the set of questions found in the electronic assessment; receiving a second input of a second location of answers to provide for the set of questions in the electronic assessment; generating a mapping comprising a position in the electronic assessment for providing each answer for each question in the set of questions, wherein: the position is based on the first location and the second location, and populating the electronic assessment with the first answer for the first question comprises referencing the mapping to identify the position in the electronic assessment for providing the first answer for the first question and populating the position with the first answer. In some aspects, the operations further comprise: extracting the set of previous questions and the previous answer for each previous question in the set of previous questions from the at least one previous electronic assessment; generating the second token representation of each previous question in the set of previous questions; and generating the answer library to include the set of previous questions, the second token representation for each previous question in the set of previous questions, and the previous answer for each previous question in the set of previous questions.
In some aspects, the operations further comprise: identifying, based on the answer library, a second answer to a second question in the set of questions, wherein the second answer comprises a second corresponding previous answer for a second previous question in the set of previous questions based on the corresponding second token representation for the second previous question and the corresponding first token representation for the second question; providing the second answer to the second question for display on the graphical user interface; receiving, via the graphical user interface, a corrected answer to the second question, wherein the corrected answer is based on a correction made to the second answer to the second question; and responsive to receiving the corrected answer: populating the electronic assessment with the corrected answer for the second question; and updating the answer library to include the corrected answer for the second previous question. In some aspects, the operations further comprise: identifying, based on the answer library generated for the entity, a second answer to a second question in the set of questions, wherein the second answer comprises a second corresponding previous answer for a second previous question in the set of previous questions based on the corresponding second token representation for the second previous question and the corresponding first token representation for the second question; providing the second answer to the second question for display on the graphical user interface; receiving, via the graphical user interface, a second indication that the second answer is incorrect for the second question; and responsive to receiving the second indication, updating the answer library to include the second question.

BRIEF DESCRIPTION OF THE DRAWINGS

In the course of this description, reference will be made to the accompanying drawings, which are not necessarily drawn to scale, and wherein:

FIG. 1 depicts an example of a computational configuration that can be involved in facilitating data exchange among a diverse group of first and third party computing environments according to various aspects of the present disclosure;

FIG. 2 depicts an example of a process for processing an artifact request in accordance with various aspects of the present disclosure;

FIG. 3 depicts an example of a process for fulfilling an artifact request in accordance with various aspects of the present disclosure;

FIG. 4 depicts an example of a process for autocompleting an electronic assessment in accordance with various aspects of the present disclosure;

FIG. 5 depicts an example of a process for ingesting an electronic assessment in accordance with various aspects of the present disclosure;

FIG. 6 depicts an example of a process for identifying answers to questions in accordance with various aspects of the present disclosure;

FIG. 7 depicts an example of a process for populating answers in an electronic assessment in accordance with various aspects of the present disclosure;

FIGS. 8A and 8B depict an example of a process for registering a third party with a data exchange service in accordance with various aspects of the present disclosure;

FIG. 9 depicts an example of a process for linking a trust profile to a third party tenant instance in accordance with various aspects of the present disclosure;

FIG. 10 depicts an example of a system architecture that may be used in accordance with various aspects of the present disclosure; and

FIG. 11 depicts an example of a computing entity that may be used in accordance with various aspects of the present disclosure.

DETAILED DESCRIPTION

Overview

As noted, a significant challenge encountered by many entities (e.g., first parties) such as organizations, corporations, companies, and/or the like is mitigating risks associated with integrating computer-related functionality provided by third party computing systems (e.g., computer-related services, software, storage, processing capacity, etc.). To combat this challenge, many first parties will vet the integration of computer-related functionality provided by third party computing systems into computing systems of the first parties (e.g., first party computing systems) to evaluate the risk associated with such integrations and to better understand what challenges may be involved in such integrations. Often, the vetting process involves gathering data (e.g., information) from third parties that are associated with these third party computing systems. For example, a first party may request a third party to complete an assessment to provide information on particular computer-related functionality provided through a third party computing system so that the first party can use such information in performing the vetting process. In another example, a first party may request a third party to provide supporting documentation with respect to some aspect of the computer-related functionality. Accordingly, the first party may request various types of data from the third party and a particular piece of data such as an assessment, document, certification, and/or the like requested by a first party may be referred to as an “artifact.” In this respect, a third party may (continuously) receive multiple data requests from multiple first parties for multiple types of artifacts.
However, the data gathering process can present significant technical challenges to many first and/or third parties. For instance, technical challenges can arise from the fact that the different first parties and third parties that can be involved in the data gathering process may be quite diverse with respect to computing environments in which they operate and the different functionality, capabilities, interfaces, and/or the like among the computing environments. For example, a computing environment for a particular third party (e.g., a particular third party computing environment) may be required to interact with multiple first party computing environments to fulfill requests for various artifacts from the multiple first party computing environments. The multiple first party computing environments may use different hardware components and/or software components in providing communication channels to facilitate data exchange with external computing environments. Therefore, the particular third party computing environment may be required to have functionality and/or capabilities in place to interface, communicate, and/or the like with these different hardware components and/or software components.
Such technical challenges can arise even though some of first and/or third parties may be willing to use more standardized communication channels, such as email, to help facilitate exchange of artifacts. First, standardized communication channels used within many computing environments are typically accessible (available) to a large number of individuals (e.g., “users”) of the environments. Therefore, the use of standardized communication channels can cause the data gathering process to become decentralized in nature because too many individuals can become easily involved in the data gathering process with artifacts being freely exchanged through the standardized communication channels between multiple individuals who are associated with various first and/or third parties.
This exchange can often occur without proper controls in place to ensure data requests are being timely fulfilled, and that the proper (correct) artifacts are being provided in the exchange. In addition, this exchange can often occur with the individuals who are involved in the exchange not knowing whether other individuals have already fulfilled the data requests and/or what artifacts have already been exchanged. Thus, the use of standardized communication channels within first and third party computing environments to facilitate exchange of artifacts during the data gathering process can result in inefficiencies in the use of various resources found in these environments due to the decentralized nature caused by the use of such channels.
Second, even though some first and/or third parties may be comfortable with using standardized communication channels, many other first and/or third parties are not. Often these first and/or third parties will require some other type of, more secure, communication channel be used in exchanging an artifact. For example, this may be because the artifact may be considered sensitive in nature. Or in the alternative, some of these first and/or third parties may be willing to use more standardized communication channels, but may require that such channels be used with additional security features and/or functionality such as encryption. Accordingly, many first and/or third parties may be required to implement hardware components and/or software components within their computing environments to facilitate these more secure communication channels required by several different first and/or third parties. This can prove to be technically challenging, as well create inefficiencies within their computing environments. Thus, the diversity found among the computing environments of various first and third parties can make exchanging data between the computing environments of these parties exceedingly difficult.
In addition, technical challenges can arise due to the number of third parties any one first party may need to gather data from, as well as the volume of data (e.g., number of artifacts) that may need to be gathered from these third parties. The same can be true for a third party with respect to the number of first parties any one third party may need to provide data to, as well as the volume of data (e.g., number of artifacts) that may need to be provided to these first parties.
More specifically, the data gathering process can prove to be quite taxiing on a first party's and/or third party's computing environment due to a large number of first and/or third party computing environments that needs to be interacted with and/or the amount of data that needs to be collected and/or provided. For example, a first party may be looking to implement certain computer-functionality into a computing system. Here, the first party may be vetting several different third parties in deciding which of the third parties' computer-related functionality to implement into the first party's computing system. In addition, the first party may require several different artifacts from each third party in performing the vetting process. Therefore, the first party's computing environment needs to interact with several different computing environments of the various third parties during the data gathering process to collect the different artifacts from each of the third parties.
The same can hold true for a third party who is required to fulfill data requests received from several different first parties. The third party's computing environment needs to interact with several different computing environments of the various first parties during the data gathering process to provide the different artifacts to each of the first parties. Not only can this prove technically challenging with respect to the first or third party's computing environment interacting with a diverse group of first and/or third party computing environments, but this can also prove technically challenging to the first or third party computing environment with respect to the resources required in facilitating the data gathering process involving the diverse group of first and/or third party computing environments.
Further, technical challenges can arise due to requirements imposed by first and/or third parties to allow exchange of certain types of data (e.g., exchange of certain artifacts). For example, a third party may require a particular artifact that is considered to be sensitive in nature to be handled with certain security and/or access controls in place. These security and/or access controls can prove to be quite challenging when they need to be implemented within a first party's computing environment so that the computing environment is sufficiently operated and can be used in the data gathering process. This can be especially true when the first party may be dealing with multiple third parties who impose different, conflicting requirements that need to be implemented within the first party's computing environment. Accordingly, the data gathering process can present significant technical challenges to many first and/or third parties.
Various aspects of the present disclosure overcome many of the technical challenges associated with facilitating data exchange among a diverse group of first and third party computing environments as discussed herein. Specifically, various aspects are directed to a data exchange computing platform that facilitates data exchange among a diverse group of first and third party computing environments. The data exchange computing platform provides a data exchange service available to various first and third parties who wish to exchange data. These various first and third parties register with the data exchange service to become tenants of the service and as a result, tenant instances are generated on the data exchange computing platform for the various first and third parties.
In various aspects, the data exchange computing platform provides a centralized, uniform, and secure environment in which the various first and third parties can exchange data (e.g., artifacts) among themselves through their computing environments. Therefore, the data exchange computing platform can address many of the technical challenges that result from different first and third parties being involved in the data gathering process who have diverse computing environments in which they operate and the different functionality, capabilities, interfaces, and/or the like among the diverse computing environments. Here, the data exchange computing platform can serve as a single, uniform, and secure point (e.g., interface) through which a computing environment for a particular first or third party can interact with to exchange data with multiple, diverse computing environments of other first and/or third parties, without the concerns of having to implement a diverse set of functionality, capabilities, interfaces, and/or the like in order to exchange the data with the multiple, diverse computing environments.
It is noted that any particular entity can be a first party or a third party, depending on the data exchange taking place. For example, a first particular entity may be interested in using a computer-implemented service provided by a second particular entity. Here, the first particular entity may require one or more artifacts from the second particular entity in evaluating whether or not to use the computer-implemented service, which may interface with a computing system of the first particular party. In this instance, the first particular entity is serving in a first party role of the data exchange, while the second particular entity is serving in a third party role of the data exchange.
However, the same first particular entity may also provide a computer-implemented service. A third particular entity may be interested in evaluating the computer-implemented service that is to interface with a computing system of the third particular entity and the third particular entity may request one or more artifacts from the first particular entity in conducting the evaluation of the computer-implemented service. In this instance, the first particular entity is serving in a third party role of the data exchange, while the third particular entity is serving in a first party role of the data exchange. Thus, the data exchange computing platform can address many of the technical challenges that result from the first particular entity serving in either a first party or third party role with the first particular entity's computing environment interacting with the diversity found in both second and third entities' computing environments.
In various aspects, each tenant instance on the data exchange computing platform provides the corresponding first or third party with a portal though which the first or third party can access the data exchange service to initiate and/or fulfill requests for data sent to and/or received from other first and/or third parties who are also tenants of the data exchange service. Accordingly, the data exchange computing platform can allow for a first party to send a request for data (e.g., a particular artifact) through the first party's tenant instance directly to a third party who is also a tenant of the data exchange service. In turn, the data exchange computing platform can allow for a third party to fulfill a request for data through the third party's tenant instance directly with a first party who is also a tenant of the data exchange service.
In some aspects, the data exchange computing platform can allow for a first party to send a request for data (e.g., a particular artifact) through the first party's tenant instance to a third party who is not currently a tenant of the data exchange service. For example, the data exchange computing platform can receive the request and determine that the third party is not a tenant of data exchange service. As a result, the data exchange computing platform can send an electronic notification, such as an email, on behalf of the first party to the third party (e.g., personnel thereof) requesting the data. Here, the electronic notification can include an invitation mechanism for facilitating registration of the third party with the data exchange service. For example, the invitation mechanism can be a hyperlink that when activated, opens a guest portal (e.g., graphical user interface) for the data exchange service in a browser application residing on a user device being used by the personnel. In some aspects, the guest portal may include a control element configured for facilitating registration of the third party with the data exchange service. Therefore, upon activation of the control element, the data exchange computing platform can generate a tenant instance on the data exchange computing platform for the third party to facilitate the third party becoming a tenant of the data exchange service.
In addition, the data exchange computing platform can provide access to the request received from the first party via the third party's tenant instance so that the request is automatically available to the third party through the data exchange service. Further, the data exchange computing platform can provide an upload mechanism through the third party's tenant instance to facilitate the third party uploading the requested data into the data exchange computing platform. Upon receiving the uploaded data, the data exchange computing platform can then provide access to the data to the first party through the first party's tenant instance. In addition, the data exchange computing platform can send an electronic notification to the first party indicating the data is available through the data exchange service.
Accordingly, the data exchange computing platform can facilitate the exchange of the data between the first and third parties without concern of the functionality, capabilities, interfaces, and/or the like of the first and third parties' computing environments. In other words, the data exchange computing platform can address the technical challenges that can result from a diverse group of computing environments that may be found among the different first and/or third parties in that the data exchange computing platform can provide a centralized, uniform, and secure environment in which the various first and third parties can exchange data.
In some instances, a first party may submit a request that involves an artifact such as an electronic assessment that the first party wishes to have the third party complete. For example, the electronic assessment may involve a set of questions that the first party may request the third party to answer, and the first party may provide the electronic assessment to complete. The data exchange computing platform can provide the third party with access to the electronic assessment through the third party's tenant instance. In addition, the data exchange computing platform can provide an upload mechanism through the third party's tenant instance to facilitate the third party uploading a completed version of the electronic assessment into the data exchange computing platform. Upon receiving the completed version of the electronic assessment, the data exchange computing platform can provide access to the completed version of the electronic assessment to the first party through the first party's tenant instance. In addition, the data exchange computing platform can send an electronic notification to the first party indicating the completed version of the electronic assessment is available through the data exchange service. Accordingly, the data exchange computing platform can facilitate the completion of an electronic assessment by the third party without concern of the functionality, capabilities, interfaces, and/or the like of the first and third parties' computing environments.
In various aspects, the data exchange computing platform provides autocompletion assessment software through the data exchange service to assist third parties with completing electronic assessments requested by first parties. The autocompletion assessment software is configured to automatically identify answers to the set of questions found in the electronic assessment based on previous answers to previous questions provided by the third party in one or more previous electronic assessments completed by the third party. The autocompletion assessment software can then load the answers into the electronic assessment as part of generating the completed version of the electronic assessment.
In some aspects, the autocompletion assessment software may use an answer library generated for the third party that includes a set of previous questions answered by the third party for at least one previous electronic assessment, a token representation for each previous question in the set of previous questions, and at least one previous answer for each previous question in the set of previous questions. Accordingly, the data exchange computing platform can execute the autocompletion assessment software to perform natural language processing on the set of questions found in the electronic assessment to generate a token representation of each question. The software can then identify, based on the answer library, at least one answer to any particular question in the set of questions. Here, the answer comprises the one or more corresponding previous answers for a previous question in the set of previous questions based on a similarity between the corresponding token representation for the previous question and the corresponding token representation for the particular question. In addition, the software can generate, based on a level of the similarity between the corresponding tokens, a confidence measure that identifies a confidence in the answer being correct for the corresponding question.
The data exchange computing platform can further execute the autocompletion assessment software to provide a graphical user interface that displays the answers identified for the questions and their confidence measures. The confidence measures can allow for personnel of the third party to more quickly review the answers for correctness by concentrating on those answers that have a lower confidence measure. The graphical user interface can allow for the personnel to correct/revise any answers and/or to identify those answers that may be wrong for the corresponding questions. The data exchange computing platform can then update the answer library accordingly. For example, the data exchange computing platform can update the answer library to reflect a corrected/revised answer for a particular question. In addition, the data exchange computing platform can revise the token representation in the answer library for any previous question in which the previous question was mistakenly identified by the autocompletion assessment software as corresponding to a question found in the electronic assessment.
The data exchange computing platform can further execute the autocompletion assessment software to populate the electronic assessment with the answers for questions found in the assessment that have been identified as correct by the personnel. In some aspects, the autocompletion assessment software is configured to generate a mapping of the set of questions found in the electronic assessment, and more specifically generate a mapping of the positions in the electronic assessment where the answers to the various questions are to be filled in for the electronic assessment. The autocompletion assessment software can then use this mapping in populating the answers in the electronic assessment to generate a completed version of the electronic assessment. Therefore, the autocompletion assessment software can assist third parties in completing electronic assessments more quickly, as well as assist the third parties in providing accurate and consistent answers to the set of questions provided in the electronic assessments. Such capabilities can be especially beneficial to third parties who may receive a significant number of electronic assessments from different first parties.
In various aspects, the data exchange computing platform also provides third party trust profiles to further assist third parties with providing first parties with access to data (e.g., various type of artifacts) of the third parties. A third party trust profile can serve as an electronic forum available through the data exchange service that is controlled by a particular (associated) third party with respect to making data available through the third party trust profile. For example, the third party trust profile can be used in publicly publishing data (e.g., artifacts) to make the data available to other tenants of the data exchange service. In addition, the third party trust profile can be used in privately publishing data (e.g., artifacts) to make the data available to a select group of tenants of the data exchange service. Further, the third party trust profile can be used in facilitating receipt of requests for data, as well as fulfilling requests for data. Furthermore, the third party trust profile can be used in providing other data on the third party such as information on various computer-related functionality (e.g., services and/or products) offered by the third party, certifications held by the third party, endorsements received by the third party, case studies conducted by the third party, and/or the like.
In various aspects, the data exchange computing platform facilitates a third party claiming a third party trust profile. Here, the data exchange computing platform can receive a request from a third party to claim a particular third party trust profile and in response, lock the third party trust profile so that the profile becomes unavailable to be claimed by another third party (e.g., another tenant of the data exchange service). The data exchange computing platform then submits the request to claim the particular third party trust profile to be validated.
In some aspects, the data exchange computing platform validates the request without human intervention, or with minimal human intervention. For example, the request may include data (information) on the third party and/or personnel (e.g., an individual) who is submitting the request that can then be used by the data exchange computing platform to validate the request for the third party trust profile. As a specific example, the data may include identification information on personnel (e.g., the individual) who submitted the request on behalf of the third party. Here, the data exchange computing platform may use the identification information to investigate publicly available information found through various data sources (e.g., information found on LinkedIn®) to determine that the request is legitimate and that the proper third party (and/or personnel thereof) is claiming the third party trust profile. In other aspects, the data exchange computing platform submits the request to validation personnel who then conducts a validation process to validate that the request is legitimate.
The data exchange computing platform can receive an indication that the request to claim the particular third party trust profile has been validated. In turn, the data exchange computing platform can link the third party trust profile to the third party's tenant instance in the data exchange computing platform so that the third party trust profile is available to the third party through the third party's tenant instance (e.g., portal thereof). At this point, the third party (e.g., personnel thereof) can access the third party trust profile and control the availability of data provided through the third party trust profile.
Accordingly, the third party trust profile can address many of the technical challenges the third party may encounter with respect to the diversity that can be experienced in fulfilling data requests with respect to first parties' computing environments in which they operate and the different functionality, capabilities, interfaces, and/or the like among the computing environments. In addition, the third party trust profile can address many of the technical challenges the third party may encounter that can arise due to the number of first parties the third party may need to provide data to, as well as the volume of data (e.g., number of artifacts) that may need to be provided to these first parties. The third party trust profile can facilitate the exchange of data with first parties without the third party's computing environment necessarily having to directly interact with the first parties' computing environment. In some instances, the third party trust profile can facilitate the exchange of data without the third party having to necessarily get involved at all in the request for the data. For example, the data involved in a request may be publicly available through the third party's trust profile. As a result, the third party trust profile can reduce the number of requests for data received from first parties that the third party may need to field. Accordingly, other technical contributions of various aspects of the disclosure will become apparent in further details of these various aspects provided herein.

Example Computational Configuration

FIG. 1 depicts an example of a computational configuration that can be involved in facilitating data exchange among a diverse group of first and third party computing environments 170, 180 according to various aspects. A data exchange computing platform 100 is provided that may contain the integration of one or more computing systems to facilitate the exchange of data between the first and third party computing environments 170, 180. Accordingly, a computing system of the data exchange computing platform 100 can include various software components and/or hardware components used in facilitating the exchange of data between the first and third party computing environments 170, 180.
For example, a first party may be looking to integrate computer-related functionality provided by a computing system 182 found within a third party's computing environment 180 into a computing system 172 found within the first party's computing environment 170. Here, the first party may be interested in vetting the integration of the computer-related functionality to evaluate the risk associated with the integration and to better understand what challenges may be involved in the integration. Therefore, the first party may require certain data (e.g., certain artifacts) from the third party to use in the vetting process.
Accordingly, the data exchange computing platform 100 in various aspects can facilitate exchange of the certain data between the first and third parties by providing a data exchange service that is accessible over one or more networks 160 (e.g., the Internet) by the first and third parties who are “tenants” of the data exchange service. The data exchange computing platform 100 can provide personnel of the first and third parties with portals that are accessible over the one or more networks 160 by a first party tenant computing system 171 for the first party and a third party tenant computing system 181 for the third party. For example, the portals can comprise one or more graphical user interfaces (e.g., one or more webpages) that are provided through the data exchange service and are used in accessing tenant instances found on the data exchange computing platform 100 for the first and third parties.
The tenant instances provide the first and third parties (e.g., personnel thereof) with various functionality that can be performed within the data exchange service to facilitate exchanging data between the first and third parties over the data exchange computing platform 100. For example, the first party's tenant instance can facilitate the first party's submission of a request for certain data from the third party. In turn, the third party's tenant instance can facilitate fulfilling the request and providing the first party with the certain data. In facilitating this exchange of data, the tenant instances for the first and third parties can allow for personnel of the third party to upload the certain data from the third party tenant computing system 181 into the data exchange computing platform 100. The tenant instances can then provide personnel of the first party with access to the certain data uploaded to the data exchange computing platform 100 from the first party tenant computing system 171. Accordingly, the data exchange computing platform 100 can facilitate this exchange of data without the first party's computing environment 170 having to directly interact with the third party's computing environment 180.
The data exchange computing platform 100 in various aspects includes a repository 150 that can be used for storing data (e.g., various artifacts) that has been uploaded by different third parties to make the data more readily available through the data exchange service. For example, the repository 150 can be used in storing data for a particular third party that can then be made available through the third party's trust profile. Therefore, the repository 150 can serve as a centralized, secure source of data for the third party that can then be used in fulfilling data requests, as well as making data publicly available through the third party's trust profile to other tenants of the data exchange service.
In some aspects, the data exchange computing platform 100 executes an artifact request module 110 that processes a request for particular data (e.g., a particular artifact) submitted by a first party to have fulfilled by a third party. The artifact request module 110 first identifies whether the third party being asked to fulfill the request is a current tenant of the data exchange service. If so, then the artifact request module 110 processes the request to make the request available through the third party's tenant instance. The data exchange computing platform 100 can then provide the third party with access to the request and allow the third party to fulfill the request through the third party's tenant instance. If the third party is not a current tenant of the data exchange service, then the artifact request module 110 can facilitate sending an invitation to the third party to register with the data exchange service and become a tenant of the service. Once registered, the data exchange computing platform 100 can provide the third party with access to the request and allow the third party to fulfill the request through the tenant instance generated on the data exchange computing platform 100 for the third party.
In additional or alternative aspects, the data exchange computing platform 100 executes a process request link module 115. The process request link module 115 processes a request for data that has been responded to by the third party. The data exchange computing platform 100 can send an electronic notification, such as an email, to the third party (e.g., personnel thereof) on behalf of a first party identifying a request for data has been made by the first party. The notification can include an access mechanism that the third party can activate to access the data exchange service and invoke the process request link module 115. In turn, the process request link module 115 directs the third party to the third party's portal that provides access to the third party's tenant instance. The process request link module 115 can then provide the third party with access to the request through the third party's tenant instance, as well as an upload mechanism to allow the third party to upload the requested data into the data exchange computing platform 100. In addition, in instances where the data involves an artifact such as an electronic assessment, the process request link module 115 can provide the third party with access to the assessment, itself, through the third party's tenant instance. Once the data is uploaded, the process request link module 115 can make the uploaded data available to the first party who requested the data through the first party's tenant instance. In addition, the process request link module 115 can save the uploaded data to the repository 150 for the third party.
In additional or alternative aspects, the data exchange computing platform 100 provides autocompletion assessment software within the data exchange service that can be used by a third party in completing an electronic assessment. Accordingly, the autocompletion assessment software can include an autocompletion assessment module 120, an ingest module 125, an identify answers module 130, and a populate assessment module 135. The data exchange computing platform 100 executes the autocompletion assessment module 120 to assist a third party in completing an electronic assessment that has been submitted by a first party for completion by the third party. The autocompletion assessment module 120 assists the third party by automatically identifying answers to the questions provided in electronic assessment and loading the identified answers into the assessment.
In assisting the third party, the autocompletion invokes the ingest module 125, the identify answers module 130, and populate assessment module 135. The data exchange computing platform 100 executes the ingest module 125 to extract the set of questions found in the electronic assessment and ingest them into the data exchange computing platform 100 so that each question in the set of questions can be processed for identifying one or more appropriate answers for the question.
The data exchange computing platform 100 executes the identify answers module 130 to identify appropriate answers for one or more questions found in the set of questions. Here, the identify answers module 130 identifies the answers by comparing the questions found in the set of questions to previous questions answered by the third party in one or more previous assessments completed by the third party. In some aspects, the data exchange computing platform 100 can generate one or more answer libraries for the third party that include previous questions and answers provided in the one or more previous assessments completed by the third party. The identify answers module 130 can then use these answer libraries in identifying appropriate answers to questions found in the electronic assessment.
The data exchange computing platform 100 executes the populate assessment module 135 to populate the electronic assessment with the identified answers for various questions found in the set of questions presented in the assessment. In various aspects, the populate assessment module 135 makes use of a mapping generated for the set of questions presented in the electronic assessment that identifies positions found in the assessment where the answers to the set of questions are to be provided. Accordingly, the populate assessment module 135 can use the mapping in automatically populating the electronic assessment with the identified answers to one or more of the set of questions to generate a completed version of the electronic assessment.
In additional or alternative aspects, when the data exchange computing platform 100 receives a request for data from a third party who is not currently a tenant of the data exchange service, the data exchange computing platform 100 executes a process invitation link module 140 to process an invitation sent to the third party to become a tenant of the data exchange service. The data exchange computing platform 100 can send an electronic notification, such as an email, to the third party (e.g., personnel thereof) on behalf of a first party notifying the third party that the first party is requesting data from the third party and inviting the third party to register with the data exchange service. The notification can include an invitation mechanism that the third party can activate to register with the data exchange service. In turn, the process invitation link module 140 directs the third party (e.g., personnel thereof) to a guest portal that facilitates the third party's registration with the data exchange service. For example, the guest portal can comprise one or more graphical user interfaces (e.g., one or more webpages) that facilitates the third party's registration with the data exchange service.
The process invitation link module 140 validates the registration for the third party and once validated, creates a tenant instance on the data exchange computing platform 100 for the third party. In addition, the process invitation link module 140 can confirm the registration of the third party. Once confirmed, the process invitation link module 140 can provide the third party with access to the request for data through the third party's tenant instance. In addition, if the request for data involves an artifact such as an electronic assessment, the process invitation link module 140 can provide the third party with access to the electronic assessment through the third party's tenant instance.
In additional or alternative aspects, when the data exchange computing platform 100 receives a request from the third party to claim a third party trust profile, the data exchange computing platform 100 executes a claim profile module 145 to process the request. The claim profile module 145 locks the third party trust profile so that the trust profile is unavailable for another third party to claim. The claim profile module 145 receives an indication as to whether the request is valid. If the request is valid, then the claim profile module 145 links the third party trust profile to the third party's tenant instance. As a result, the data exchange computing platform 100 provides the third party with access to the third party trust profile through the third party's tenant instance and allows the third party to control the data (e.g., artifacts) that is made available to other tenants of the data exchange service through the third party trust profile. Further details on the different modules is provided.

Artifact Request Module

Turning now to FIG. 2 , additional details are provided regarding an artifact request module 110 used for processing a request submitted by a first party for data from a third party in accordance with various aspects. Accordingly, the flow diagram shown in FIG. 2 may correspond to operations executed, for example, by computing hardware found in the data exchange computing platform 100 as described herein, as the computing hardware executes the artifact request module 110.
The data exchange computing platform 100 can allow a first party (e.g., personnel thereof) to log into the data exchange service and upon logging in, provided the first party with a portal (e.g., one or more graphical user interfaces) that allows the first party to perform functionality through the party's tenant instance. One such functionality is submitting a request for a third party to provide data such as an artifact. The artifact can be, for example, a particular piece of data such as an assessment, document, certification, and/or the like. Accordingly, the data exchange computing platform 100 can invoke the artifact request module 110 to process the request.
The process 200 involves the artifact request module 110 receiving the request in Operation 210. The request may include information needed to process the request such as, for example, the name of the artifact, the type of artifact being requested, instructions for the request, an identifier (e.g., name) of the first party, an identifier (e.g., name) of the third party, a contact (e.g., email address) for the third party, and/or the like. In some aspects, the first party (personnel thereof) provides some or all of the information when submitting the request. In additional or alternative aspects, the data exchange computing platform 100 may retrieve some or all of the information from the repository 150. For example, the data exchange computing platform 100 may have sent the third party another request in the past and in doing so, store information on the third party in the repository 150, or the third party may currently be a tenant of the data exchange service and therefore, information on the third party may be stored in the repository 150 accordingly.
The artifact request module 110 logs the request in Operation 215. In some aspects, the artifact request module 110 logs the request by recording the request in the repository 150. In addition, the artifact request module 110 may record an initial status of the request as “open.”
In Operation 220, the artifact request module 110 determines whether the third party is currently a tenant of the data exchange service. In some aspects, the information provided along with the request may indicate that the third party is or is not a current tenant of the data exchange service. In alternative aspects, the artifact request module 110 may query the data exchange computing platform 100 (e.g., the repository 150) to determine whether a tenant instance currently exists on the data exchange computing platform 100 for the third party.
In various aspects, the data exchange computing platform 100 allows for first parties to identify (e.g., “link” with) those third parties who are also tenants of the data exchange service that the first parties would like to exchange data with through the data exchange service. Here, the data exchange computing platform 100 may provide a first party (e.g., personnel thereof) with functionality through the first party's tenant instance (e.g., via the first party's portal) to allow personnel for the first party to identify those third parties that the first party would like to exchange data with through the data exchange service. For example, the data exchange computing platform 100 can provide the personnel with one or more graphical user interfaces that lists the third parties who are current tenants of the data exchange service. Therefore, the personnel can select which third parties that the first party would like to exchange data with through the data exchange service.
In some aspects, the data exchange computing platform 100 may first solicit approval from the third party before linking the third party with the first party. For example, the data exchange computing platform 100 may send a notification to the third party requesting the third party approve the first party's request to be linked with the third party so that the two parties can exchange data through the data exchange service. Once approved, the data exchange computing platform 100 can then link the first party and third party in the data exchange service (e.g., link the first party's tenant instance with the third party's tenant instance on the data exchange computing platform 100). Therefore, in these instances, the artifact request module 110 can determine whether to treat the third party as a current tenant of the data exchange service, with respect to the first party, by determining whether the third party is linked with the first party in the data exchange service.
If the third party is currently a tenant of the data exchange service, then the artifact request module 110 creates the request in the third party's tenant instance in Operation 225. As a result, the request becomes available to access through the third party's tenant instance. In some aspects, the data exchange computing platform 100 may provide an upload mechanism in the third party's tenant instance to allow the third party to upload the artifact being requested. For example, the artifact request module 110 may provide a control such as a button that allows the third party (personnel thereof) to navigate and choose an electronic document (e.g., file) from a third party tenant computing system 181 to upload into the data exchange computing platform 100. In this regard, the data exchange computing platform 100 provides the third party (the third party's computing environment 180) with a single, secure interface through which the third party can provide artifacts to a variety of first parties (first parties' computing environments 170).
In addition to providing access to the request, the artifact request module 110 creates an electronic notification to send to the third party in Operation 230. For example, depending on the contact available for the third party, the electronic notification can be in the form of an electronic communication such as an email, text message, platform message (e.g., LinkedIn®), and/or the like. In some aspects, the artifact request module 110 creates the electronic notification to include an access mechanism that the third party (e.g., personnel thereof) can use to access the request. For example, the access mechanism may comprise a request link such as a hyperlink that the personnel can select to access the third party's tenant instance.
The artifact request module 110 sends the electronic notification on behalf of the first party to notify the third party of the request made by the first party in Operation 245. Upon activating the link, the data exchange computing platform 100 may facilitate the third party (e.g., personnel thereof) logging into the data exchange service and provide the personnel with a tenant portal to access the third party's tenant instance. For example, the tenant portal may comprise one or more graphical user interfaces such as one or more webpages that are displayed through a browser application residing on a computing device of a third party tenant computing system 181.
If the third party is not currently a tenant of the data exchange service, then the artifact request module 110 verifies the contact provided along with the request in Operation 235. In various aspects, the artifact request module 110 performs this particular operation by verifying the personnel (e.g., individual) who is associated with the contact is also associated with the third party. In some aspects, the artifact request module 110 verifies the contact through soliciting (e.g., query) one or more publicly available data sources. For example, the artifact request module 110 may verify the individual is associated (e.g., employed) with the third party through soliciting a professional networking platform such as LinkedIn®, Xing, MeetUp®, Bark, and/or the like.
In additional or alternative aspects, the artifact request module 110 assigns a respondent to the request to verify the contact. A respondent may be personnel who is responsible for ensuring the contact is associated with the third party. For example, the respondent may verify that the contact is associated with the third party by searching one or more publicly available data sources, directly contacting the contact, contacting the third party, and/or the like. Once verified, the artifact request module 110 may receive an indication that the contact has been verified for the request.
In some aspects, the artifact request module 110 creates an electronic notification to send to the third party in Operation 240. Again, depending on the contact available for the third party, the electronic notification can be in the form of an electronic communication such as an email, text message, platform message (e.g., LinkedIn®), and/or the like. Here, the artifact request module 110 can create the electronic notification to include an invitation mechanism that the third party (e.g., personnel thereof) can use to register with the data exchange service, and subsequently access the request. For example, similar to the access mechanism, the invitation mechanism may comprise an invitation link such as a hyperlink that the personnel can select to access a guest portal for the data exchange service that can be used to register the third party with the data exchange service.
Therefore, in Operation 245, the artifact request module 110 sends the electronic notification on behalf of the first party to notify the third party of the request made by the first party and to invite the third party to register with the data exchange service. Upon activating the link, the data exchange computing platform 100 may provide personnel for the third party with a guest portal that can be used in registering with the data exchange service. For example, the guest portal may comprise one or more graphical user interfaces such as one or more webpages that are displayed through a browser application residing on a computing device of a third party tenant computing system 181.
It is noted that in some aspects, depending on the circumstances and/or responsibilities of the respondent, the artifact request module 110 may or may not send the electronic notification with the invitation link to the third party, or may not send the electronic notification upon receiving the request. Instead, the respondent, independent of the artifact request module 110, may verify the contact for the third party and then send the electronic notification to the third party accordingly.

Process Request Link Module

Turning now to FIG. 3 , additional details are provided regarding a process request link module 115 used for fulfilling an artifact request in accordance with various aspects. Accordingly, the flow diagram shown in FIG. 3 may correspond to operations executed, for example, by computing hardware found in the data exchange computing platform 100 as described herein, as the computing hardware executes the process request link module 115.
The data exchange computing platform 100 may receive a request for an artifact to be sent to a third party submitted by a first party through the data exchange service. In turn, the data exchange computing platform 100 (e.g., the artifact request module 110) may generate and send an electronic notification on behalf of the first party that includes an access mechanism that personnel for the third party may activate to gain access to the request. Upon activation, the data exchange computing platform 100 may provide the personnel with a login portal to facilitate the personnel logging into the data exchange service. For example, the login portal may comprise one or more graphical user interfaces such as one or more webpages that are displayed through a browser application residing on a computing device of a third party tenant computing system 181.
Upon successful login, the data exchange computing platform 100 activates the process request link module 115 and provides the module 115 with the login (e.g., information on the third party who has successfully logged into the data exchange service). Therefore, the process 300 involves the process request link module 115 receiving the login at Operation 310. In turn, the process request link module 115 provides the personnel for the third party with a tenant portal in Operation 315. Again, the tenant portal may comprise one or more graphical user interfaces such as one or more webpages that are displayed through the browser application.
In general, the tenant portal provides the personnel with access to the third party's tenant instance. In doing so, the tenant portal may provide the personnel with access to certain functionality that can be performed through the data exchange service. For example, the tenant portal may provide the personnel with access to functionality that allows the personnel to view a request for an artifact that has been submitted by a first party for the third party. In addition, the tenant portal may provide the personnel with access to functionality that allows the personnel to upload an artifact into the data exchange computing platform 100 so that the artifact can be made available to one or more first parties. Further, the tenant portal may provide the personnel with access to functionality that allows the personal to download and/or access an electronic assessment that has been requested to be completed by a first party. Furthermore, the tenant portal may provide the personnel with access to functionality that assists the personnel in completing an electronic assessment that has been requested to be completed by a first party.
Therefore, in Operation 320, the process request link module 115 determines whether the current request being made of the third party involves the third party completing an electronic assessment for the first party. If so, then the process request link module 115 provides access to the electronic assessment through the third party's tenant instance in Operation 325. Accordingly, the electronic assessment (e.g., assessment file) may be provided in various formats such as, for example, an Excel® spreadsheet, a Word® document, a fillable portable document format (PDF) file, and/or the like. Thus, the process request link module 115 can provide access to the electronic assessment that enables the personnel to the download the assessment from the data exchange computing platform 100 to a third party tenant computing system 181 if desired.
Per the personnel's request, the process request link module 115 may upload an artifact into the data exchange computing platform 100 in Operation 330. For example, per the personnel's request, the process request link module 115 may upload an artifact (e.g., a completed version of an assessment) into the data exchange computing platform 100 to fulfill the request for the artifact submitted by the first party. Here, the data exchange computing platform 100 can provide the personnel with an upload mechanism available through the tenant portal to facilitate uploading the artifact into the data exchange computing platform 100. For example, the tenant portal may provide a control such as a button that allows the third party personnel to navigate and choose the artifact (e.g., an electronic file) from a third party tenant computing system 181 to upload into the data exchange computing platform 100.
Once uploaded, the process request link module 115 may determine whether to save the uploaded artifact in Operation 335. For example, the process request link module 115 may cause the tenant portal to inquire as to whether the third party would like to have the uploaded artifact saved on the data exchange computing platform 100 so that the artifact may be used for fulfilling future requests made by first parties. If the process request link module 115 receives a positive response from the personnel, then the process request link module 115 saves the artifact in the repository 150 of the data exchange computing platform 100 in Operation 340. In various aspects, the data exchange computing platform 100 may then make the artifact available to the third party through the third party's tenant instance. As a result, the data exchange computing platform 100, upon request, can then provide the artifact to other first parties who are tenants through the data exchange service without having to upload the artifact again into the data exchange computing platform 100.
In Operation 345, the process request link module 115 determines whether to share the uploaded artifact with the first party who submitted the request for the artifact. Again, the process request link module 115 may cause the tenant portal to inquire as to whether the third party would like to share the uploaded artifact with the first party who submitted the request for the artifact. If the process request link module 115 receives a positive response from the personnel, then the process request link module 115 sends an electronic notification to the first party indicating the artifact is now available through the data exchange service in Operation 350. In addition, the process request link module 115 sets the request status to “completed” in Operation 355.
Accordingly, the process request link module 115 may provide the first party with access to the artifact through the first party's tenant instance on the data exchange computing platform 100. In doing so, the data exchange computing platform 100 can facilitate exchange of the artifact between the first and third parties without the first party's computing environment 170 and the third party's computing environment 180 having to directly interact to exchange the artifact. As a result, the data exchange computing platform 100 can address any technical challenges that may be encountered due to different functionality, capabilities, interfaces, and/or the like between the first party and third party computing environments 170, 180.

Autocompletion Assessment Module

Turning now to FIG. 4 , additional details are provided regarding an autocompletion assessment module 120 used for autocompleting an electronic assessment in accordance with various aspects. Accordingly, the flow diagram shown in FIG. 4 may correspond to operations executed, for example, by computing hardware found in the data exchange computing platform 100 as described herein, as the computing hardware executes the autocompletion assessment module 120.
In various aspects, the data exchange computing platform 100 provides functionality through the data exchange service that can assist a third party (e.g., personnel thereof) in completing an electronic assessment. The electronic assessment can involve a set of questions that a first party has asked the third party to provide answers to in the assessment. In various aspects, the functionality provided through the data exchange computing platform 100 can automatically identify answers to one or more questions in the set of questions. The data exchange computing platform 100 can make such functionality available to third parties through the third parties' tenant instances. Therefore, upon receiving an indication that a third party has access the functionality through the third party's tenant instance, the data exchange computing platform 100 can invoke the autocompletion assessment module 120.
The process 400 involves the autocompletion assessment module 120 ingesting the electronic assessment (assessment file) in Operation 410. This operation may involve extracting the set of questions from the assessment file. For example, the assessment file may be in various formats such as an Excel® spreadsheet, a Word® document, a fillable portable document format (PDF) file, and/or the like. In various aspects, the autocompletion assessment module 120 performs this particular operation by invoking an ingest module 125. In turn, the ingest module 125 extracts the set of questions from the assessment file. In addition to extracting the set of questions, the ingest module 125 can generate a mapping of the set of questions and/or one or more positions for each question in the set of questions where one or more answers to the question are to be provided in the assessment file.
In Operation 415, the autocompletion assessment module 120 generates answers for one or more questions in the set of questions found in the assessment file. In various aspects, the autocompletion assessment module 120 performs this particular operation by invoking an identify answers module 130. The identify answers module 130 generates the answers for one or more questions in the set of questions by identifying previous answers provided by the third party to previous questions found in one or more previous assessments completed by the third party that are similar to the questions found in the set of questions. Here, the data exchange computing platform 100 may generate and store one or more answer libraries for the third party that include the previous questions and answers that can be used by the identify answers module 130 in generating the answers for the one or more questions in the set of questions found in the assessment file.
In Operation 420, the autocompletion assessment module 120 displays the generated answers for the one or more questions in the set of questions to the personnel for the third party. Here, the autocompletion assessment module 120 may provide one or more graphical user interfaces for display through the third party's tenant portal. The graphical user interface(s) may display the answers generated for the one or questions so that the personnel for the third party can review the accuracy of the answers. In some aspects, the graphical user interface(s) also display a confidence measure (e.g., score) for the one or more answers identified for each question that indicates a level of confidence that the correct answers has been generated for the corresponding question. The confidence measure can allow for the personnel to quickly identify those answers that may need to be reviewed more closely to ensure that the answers are correct for the corresponding questions. The graphical user interface(s) may allow for the personnel to filter the answers based on the confidence measures to further assist the personnel in identify those answers that may need to be reviewed more closely.
In addition, the one or more graphical user interfaces may provide the personnel with the capability to edit and revise the answers, as well as identify those answers that are incorrect for their corresponding questions. As a result, the autocompletion assessment module 120 can receive feedback input in Operation 425. The autocompletion assessment module 120 can then revise the answer libraries based on the feedback input in Operation 430.
In some aspects, the autocompletion assessment module 120 can perform this operation by updating the one or more corresponding previous answers for a particular previous question found in an answer library to reflect the one or more answers that were revised by the personnel. In additional or alternative aspects, the autocompletion assessment module 120 can perform this operation by revising an answer library to include a question, and one or more corresponding answers, in which an incorrect answer was identified for the question. In this way, the autocompletion assessment module 120 can update the answer library to include the question as an additional previous question, along with the one or more corresponding answers as previous answer(s), so that the autocompletion assessment module 120 can then identify the correct answer(s) for the question in the future. In addition, the autocompletion assessment module 120 can generating a token representation of the question to also include in the answer library.
In Operation 435, the autocompletion assessment module 120 populates the assessment file with the identifies answers to generate a completed version of the electronic assessment. Here, the autocompletion assessment module 120 can perform this operation by using the mapping of the set of questions and/or positions for each question in the set of questions to populate the answers in the assessment file. Once populated, the autocompletion assessment module 120 makes the assessment file available to the third party through the third party's tenant instance.

Ingest Module

Turning now to FIG. 5 , additional details are provided regarding an ingest module 125 used for ingesting an electronic assessment into the data exchange computing platform 100 in accordance with various aspects. Accordingly, the flow diagram shown in FIG. 5 may correspond to operations executed, for example, by computing hardware found in the data exchange computing platform 100 as described herein, as the computing hardware executes the ingest module 125.
The process 500 involves the ingest module 125 receiving locations of where the questions can be found and the answers are to be provided in the electronic assessment (e.g., the assessment file) in Operation 510. In various aspects, the ingest module (or some other module such as the autocompletion assessment module 120) can provide personnel of the third party with one or more graphical user interfaces through the third party's tenant portal that allow the personnel to enter locations of where the set of questions can be found in the assessment file, as well as where the corresponding answers are to be provided in the assessment file.
For example, the assessment file may be provided in a spreadsheet format such as an Excel® spreadsheet. Here, the ingest module 125 can receive a first input provided through the one or more graphical user interfaces of a first location where the set of questions is found in the assessment file such as, for example, a first column of the spreadsheet in which the set of questions are listed. In addition, the ingest module 125 can receive a second input through the one or more graphical user interfaces of a second location of where answers are to be provided for the set of questions such as, for example, a second column of the spreadsheet in which the answers to the set of questions are to be provided.
In some aspects, the ingest module 125 may receive additional information on the sets of questions and corresponding answers in addition to the first and second locations. For example, the ingest module 125 may receive a third input provided through the one or more graphical user interfaces of where question numbers for the set of questions can be found such as, for example, a third column of the spreadsheet in which the question numbers (e.g., 1, 2, 3, 4, etc.) are listed. In addition, the ingest module 125 may receive a fourth input through the one or more graphical user interfaces of a fourth location of where supporting answers are to be provided for the set of questions such as, for example, a fourth column of the spreadsheet in which the supporting answers to the set of questions are to be provided. For example, the spreadsheet may be designed to provide a yes/no response for each question in the set of questions in the second column of the spreadsheet and a more detailed response in support of the yes/no response for each question in the set of questions in the fourth column.
In Operation 515, the ingest module 125 can also receive subsections of the set of questions through the one or more graphical user interfaces. For example, the set of questions provided in the assessment file may be divided into subsections based on the type of question being asked. For example, a first subset of the set of questions may be directed to access controls that have been put into place by the third party with respect to a computer-implemented service being offered by the third party. As a specific example, the first subset of questions may include a first question as to whether the third party has implemented two-factor authentication for the service, a second question as to whether the third party has implemented physical access restrictions on the area in which a repository used to support the service is located, and so forth. A second subset of the set of questions may be directed to encryption controls that have been put into place by the third party with respect to data stored in the repository for the service. As a specific example, the second subset of questions may include a first question as to whether the third party encrypts the data before storing the data in the repository, a second question as to whether the third party makes any transfers of the data within its computing environment 180 without first encrypting the data, and so forth.
The ingest module 125 can receive input through the one or more graphical user interfaces that identifies these two subsections that contain the first subset of questions and the second subset of questions. In addition, the ingest module 125 can receive input through the one or more graphical user interfaces that provides a label for each subsection. Accordingly, the data exchange computing platform 100 may provide functionality via one or more graphical user interfaces to allow personnel to filter out each of the subset of questions found in each of the subsections for reviewing purposes.
For example, particular personnel of the third party may be responsible for ensuring the correct information is provided for the first subset of questions involving the access controls that have been put into place for the service. Therefore, the data exchange computing platform 100 (e.g., the autocompletion assessment module 120) can filter out the first subset of questions from the set of questions provided in the assessment file using the identified subsections to display to the particular personnel so that the personnel can more quickly and efficiently review the answers that have been identified for the first subset of questions.
In Operation 520, the ingest module 125 receives input of the one or more answer libraries that are applicable to the set of questions through the one or more graphical user interfaces. As previously noted, the data exchange computing platform 100 can generate and store one or more answer libraries for the third party. Therefore, the ingest module 125 can receive input on which of the one or more answer libraries stored on the data exchange computing platform 100 are applicable to the set of questions found in the assessment file.
In Operation 525, the ingest module 125 generates a mapping of the set of questions and corresponding answers found in the assessment file. In various aspects, the ingest module 125 performs this particular operation by identifying one or more positions in the assessment file for providing each answer (or answers) for each question in the set of questions based on the first location and the second location. In addition, the ingest module 125 may use other information such as the third location in which the question numbers are provided and/or a fourth location in which the supporting answers are provided in identifying the one or more positions in the assessment file for providing each answer (or answers) for each question in the set of questions.
For example, the ingest module 125 can identify, based on the first, second, third, and fourth locations, a first position as a first particular cell in the assessment file that is in the format of an Excel® spreadsheet to provide the yes/no answer for a first question found in the set of questions and a second position as a second particular cell in the assessment file to provide the supporting answer for the first question In addition, the ingest module 125 can identify a third position as a third particular cell in the assessment file to provide the yes/no answer for a second question found in the set of questions and a fourth position as a fourth particular cell in the assessment file to provide the supporting answer for the second question, and so forth. The ingest module 125 can then generate the mapping for the set of questions and corresponding answers based on the identified cells for each of the questions found in the set of questions.
In Operation 530, the ingest module 125 extracts the set of questions (e.g., text thereof) from the assessment file. The ingest module 125 can also perform this particular operation based on one or more of the locations. For example, the ingest module 125 can extract the set of questions, and corresponding question numbers, based on the first and third locations that identify the columns in which the set of questions are listed, and the question numbers are listed.

Identify Answers Module

Turning now to FIG. 6 , additional details are provided regarding an identify answers module 130 used for identifying answers to the set of questions found in an electronic assessment (assessment file) in accordance with various aspects. Accordingly, the flow diagram shown in FIG. 6 may correspond to operations executed, for example, by computing hardware found in the data exchange computing platform 100 as described herein, as the computing hardware executes the identify answers module 130.
The process 600 involves the identify answers module 130 selecting a question from the set of questions in Operation 610. Once selected, the identify answers module 130 generates a token representation of the question in Operation 615. In various aspects, the identify answers module 130 performs this particular operation by performing natural language processing on the question to generate a vector representation of the question that serves as the token representation. For instance, the identify answers module 130 can use a tokenization technique on the question to generate the vector representation of the question such as, for example, a count vectorizer, a TF-IDF vectorizer, and/or the like.
In Operation 620, the identify answers module 130 compares the generated token representation for the selected question with the token representations provided for the previous questions found in the one or more corresponding answer libraries. In various aspects, the identify answers module 130 performs this particular operation by generating a similarity measure between the two token representations. For example, the identify answers module 130 may generate a cosine measure, an overlap measure, a Euclidean measure, a dot product measure, and/or the like between the two token representations.
In Operation 625, the identify answers module 130 can then select the corresponding one or more answers for the previous question that appears to have a level of the similarity (e.g., similarly measure) that demonstrates the question, and the previous question are closely similar. In various aspects, the identify answers module 130 performs this particular operation based on the similarity measures generated between the token representation for the question and the token representations for each of the previous questions.
In some aspects, the identify answers module 130 also generates a confidence measure (e.g., confidence value) that identifies a confidence that the identified one or more answers are correct for the question. For example, the identify answers module can generate the confidence measure based on the number of words that match between the question and the previous question as indicated via their corresponding token representations. In addition, the identify answers module 130 may also determine that the confidence measure for the one or more identified answers satisfies a certain threshold in order to maintain the one or more answers are provided as answers for the question.
In various aspects, an answer library can be constructed to include the previous questions grouped into entries. Here, an entry may represent a group of previous questions that are related. For example, an entry may represent a group of previous questions related to requesting information on a third party's encryption practices. Accordingly, such a previous question may be asked via multiple variations. As a specific example, such a previous question may be asked as a yes/no question such as “do you use encryption for stored data?” In addition, such a previous question may be asked that solicits more detailed information such as “what type of encryption method do you use for stored data?” Therefore, an answer library may be constructed to include an entry to represent these two previous questions.
In some aspects, the entry may comprise a hierarchical structure that includes a primary previous question representing the entry, along with secondary previous questions that are treated as alternative questions for the entry. For example, the entry related to requesting information on a third party's encryption practices may identify the previous question “what type of encryption method do you use for stored data?” as the primary question for the entity, with the previous question “do you use encryption for stored data?” as a secondary question. In addition, an entry may include one or more previous answers associated with the entry. Accordingly, the one or more previous answers may be arranged in a hierarchical structure. For example, the one or more previous answers may be arranged so that a single previous answer is provided for each previous question found in the hierarchical structure for the entity.
Therefore, in some aspects, the identify answers module 130 can generate the confidence measure by initially identifying a previous question that matches the question based on the similarity measure generated between the previous question and the question. The identify answers module 130 can then generate the confidence measure based on the similarity measure and the similarity measures for the remaining previous questions found in the entry in which the identified previous question is found. In additional or alternative aspects, the identify answers module 130 can generate the confidence measure based on the number of words that match and the similarities measures for the previous questions found in the corresponding entry.
In additional or alternative aspects, the identify answers module 130 can perform one or more natural language processing techniques in confirming a closet match between the question and a previous question. For example, the identify answers module 130 can perform natural language processing techniques such as sentiment analysis, entity analysis, syntax analysis, and/or the like. Accordingly, the identify answers module 130 can perform such techniques to better improve the capabilities of the identify answers module 130 in accurately identifying the closets match to the question found in the previous questions.
In Operation 630, the identify answers module 130 determines whether another question is found in the set of questions for the assessment file. If so, then the identify answers module 130 returns to Operation 610, selects the next question in the set of questions, and determines one or more answers for the newly selected question as just discussed. Once the identify answers module 130 has processed all of the questions in the set of questions, the identify answers module 130 returns the answers in Operation 635. As discussed, the data exchange computing platform 100 (e.g., the autocompletion assessment module 120) can then display the identified answers for the set of questions to personnel of the third party to review through the third party's tenant portal.

Populate Assessment Module

Turning now to FIG. 7 , additional details are provided regarding a populate assessment module 135 used for populating answers in an assessment (assessment file) in accordance with various aspects. Accordingly, the flow diagram shown in FIG. 7 may correspond to operations executed, for example, by computing hardware found in the data exchange computing platform 100 as described herein, as the computing hardware executes the populate assessment module 135.
The process 700 involves the populate assessment module 135 selecting a question from the set of questions found in the assessment file that one or more answers have been identified for the question in Operation 710. The data exchange computing platform 100 (e.g., the autocompletion assessment module 120) may have first displayed the answers identified for the set of questions to personnel of the third party via one or more graphical user interfaces through the third party's tenant portal. In turn, the data exchange computing platform 100 (e.g., the autocompletion assessment module 120) may have received an indication for each question that the one or more answers identified for the question are correct. Therefore, the populate assessment module 135 may be provided with those questions (and/or indication thereof) in the set of questions in which answers have been identified as correct for the questions.
In Operation 715, the populate assessment module 135 identifies one or more positions in the assessment file to populate with the one or more answers identified for the question. In various aspects, the populate assessment module 135 performs this operation by using the mapping of the questions and answers generated for the assessment file (e.g., by the ingest module 125). For example, the populate assessment module 135 may use the question number and/or the question, itself, in identifying the one or more positions in the assessment file that are to be populated with the one or more answers for the question. As a specific example, the assessment file may be in the format of an Excel® spreadsheet. Here, the populate assessment module may identify a first particular cell in the spreadsheet for storing a first yes/no answer for the question and a second particular cell in the spreadsheet for storing a supporting answer for the question. Once the positions have been identified, the populate assessment module 135 populates the one or more positions (e.g., cells) in the assessment file with the one or more answers for the question in Operation 720.
In Operation 725, the populate assessment module 135 determines whether another question exists in which one or more answers for the question need to be populated in the assessment file. If so, then the populate assessment module 135 returns to Operation 710, selects the next question, and populates the one or more answers for the newly selected question in the assessment file accordingly. Once the populate assessment module 135 has processed all of the questions that exist in which one or more answers for the questions are to be populated in the assessment file, the populate assessment module 135 provides the assessment file in Operation 730. For example, the populate assessment module 135 may provide the file to the autocompletion assessment module 120 and in turn, the autocompletion assessment module 120 may provide the third party (e.g., personnel thereof) with access to the assessment file through the third party's tenant portal.

Answer Library

As noted, the data exchange computing platform 100 can generate one or more answer libraries for a particular third party. In various aspects, the data exchange computing platform 100 can generate an answer library for a particular third party that comprises a set of previous questions and answers. For example, the data exchange computing platform 100 can receive one or more different electronic assessments (e.g., assessment files) that were previously completed by the third party and uploaded by personnel of the third party into the data exchange computing platform 100.
In turn, the data exchange computing platform 100 can extract the previous questions and corresponding answers found in each of the previously completed assessments to include in the answer library. In some aspects, the data exchange computing platform 100 can receive input from the personnel identifying locations within the previous assessment files that previous questions and corresponding previous answers can be found. Accordingly, the data exchange computing platform 100 can use the locations in extracting the previous questions and corresponding previous answers provided in the previous assessment files.
In additional or alternative aspects, the data exchange computing platform 100 can use a template in extracting the previous questions and corresponding previous answers from the previously completed assessments. For example, the data exchange computing platform 100 may receive a selection on a template from a listing of different templates that may be based on various types of layouts for assessments. Accordingly, the data exchange computing platform 100 can use the selected template in extracting the previous questions and corresponding answers from the assessments. The data exchange computing platform 100 can then use the extract previous questions and answers in generating the answer library for the third party.
However, many of the previous questions may be asking for the same and/or similarly related information. For example, a first previous question may ask “is your data repository located in a restricted area?” While a second previous question may ask “can you please provide details on what personnel have access to your data repository?” In addition, similar previous questions may be asking for the same information using different variations. For example, a first previous question may ask “does your computing service require two-factor authentication?” While a second previous question may ask “do you have two-factor authentication controls in place?” Therefore, the data exchange computing platform 100 can address these concerns in generating the answer library for the third party by clustering previous questions that are similar into groups of similar previous questions and identifying one or more previous answers for each of the groups of previous similar questions to include in the answer library.
In various aspects, the data exchange computing platform 100 clusters the previous questions by using a tokenization technique on each previous question to generate a token representation of the previous question. In some aspects, the data exchange computing platform 100 uses a count vectorizer that generates a token representation in the form of a vector out of each previous question based on a word count for each question. Here, a word listing can be generated that includes each unique word that appears in the previous questions extracted from the assessments. The data exchange computing platform 100 can then generate a vector for each previous question that includes a position for each word found in the word listing with the positions in the vector representing the words found in the previous question set to an integer to indicate an occurrence of the word in the question. For example, for the previous question “do you have two-factor authentication controls in place?,” the data exchange computing platform 100 can set the position in the vector representing the word “authentication” to a one, while setting all the positions in the vector representing the words found in the word listing that do not appear in the question to zero.
In additional or alternative aspects, the data exchange computing platform 100 can use other tokenization techniques such as a TF-IDF vectorizer that performs a similar process as the count vectorizer except the TF-IDF vectorizer replaces the integers in the positions representing the words that appear in a previous question with a calculated TF-IDF value. TF is the term frequency determined as the number of times the word appears in the previous question and IDF is the inverse document frequency determined as the log to the base e of the total number of previous questions divided by the number of previous questions in which the word appears.
In various aspects, the data exchange computing platform 100 then uses a clustering model to cluster the previous questions that are similar into groups of similar previous questions. The clustering model is configured to process the token representations to cluster the previous questions with high similarity based on the token representations generated for the various previous questions. For example, the clustering model may be configured to perform a k-nearest neighbor (k-NN) classification to place each previous question into a class membership to form the groups of similar previous questions.
Once all of the previous questions have been placed into a group, the data exchange computing platform 100 identifies one or more previous answers for each of the groups of similar previous questions to include in the answer library. In some aspects, the data exchange computing platform 100 can provide the third party (e.g., personnel thereof) with the different groups of similar previous questions along with the corresponding answers for the previous questions found in each group. For example, the data exchange computing platform 100 can display the different groups on one or more graphical user interfaces made available through the third party's tenant portal.
In various aspects, the data exchange computing platform 100 can place an entry in the library to represent one or more of the groups of similar previous questions. In some aspects, an entry comprises a hierarchical structure that includes a primary previous question representing the entry, along with secondary previous questions that are treated as alternative questions for the entry.
Here, the data exchange computing platform 100 can receive a selection of one or more groups of similar previous questions via the one or more graphical user interfaces that have been identify by personnel as related and that an entry should be included in the library for the one or more groups. In addition, the data exchange computing platform 100 can receive a selection of a particular previous question for the one or more groups of similar previous questions to serve as the primary previous question for the entry. Further, the data exchange computing platform 100 can receive a selection of which of the previous questions and corresponding previous answers from each of the one or more groups of similar previous questions. Accordingly, these identified previous questions can serve as secondary previous questions for the entry.
The data exchange computing platform 100 can then include the entries for the different groups of similar previous questions and corresponding answers, as identified via the one or more graphical user interfaces, in the answer library to generate the answer library. In addition to the selected previous questions and answers, the data exchange computing platform 100 can also include the token representation of each previous question in the answer library.
In various aspects, the data exchange computing platform 100 can generate multiple answer libraries for a particular third party. For example, the data exchange computing platform 100 can generate different answer libraries for a particular third party based on different types of assessments that are completed by the particular third party. In addition or alternatively, the data exchange computing platform 100 can generate different answer libraries for a particular third party based on different computer-implemented services and/or products offered by the particular third party. The data exchange computing platform 100 can use other criteria in generating multiple answer libraries for a particular third party.

Process Invitation Link Module

Turning now to FIGS. 8A and 8B, additional details are provided regarding a process invitation link module 140 used for registering a third party with the data exchange service in accordance with various aspects. Accordingly, the flow diagram shown in FIGS. 8A and 8B may correspond to operations executed, for example, by computing hardware found in the data exchange computing platform 100 as described herein, as the computing hardware executes the process invitation link module 140.
A first party may submit a request for an artifact to be sent to a third party through the data exchange service. In turn, the data exchange computing platform 100 (e.g., the artifact request module 110) may determine the third party is not currently a tenant of the data exchange service. As a result, the data exchange computing platform 100 (e.g., the artifact request module 110) may generate and send an electronic notification on behalf of the third party that includes an invitation and/or access mechanism that personnel for the third party may activate to register the third party with the data exchange service and/or to gain access to the request. Upon activation, the data exchange computing platform 100 may provide the personnel with a guest portal that facilitates the personnel initiating a registration of the third party with the data exchange service to gain access to the request, or in the alternative to gain access to the request as a guest of the data exchange service. For example, the guest portal may comprise one or more graphical user interfaces such as one or more webpages that are displayed through a browser application residing on a computing device of a third party tenant computing system 181.
Upon the personnel making a selection, the data exchange computing platform 100 activates the process invitation link module 140 and provides the module 140 with the selection made by the personnel of registering the third party with the data exchange service to gain access to the quest or to gain access to the request as a guest. Therefore, the process 800 involves the process invitation link module 140 receiving the selection at Operation 810. In turn, the process invitation link module 140 determines whether the personnel would like to continue as a guest in Operation 815. If so, then the process invitation link module provides the personnel with access to the request submitted by the first party through the guest portal in Operation 820.
If the process invitation link module 140 determines that the personnel instead wants to register the third party with the data exchange service, then the process invitation link module receives validation data in Operation 825. In some aspects, the process invitation link module automatically receives the validation data. For example, the validation data can be automatically populated in the guest portal as a result of an activation of the invitation and/or access mechanism sent to the third party. As a specific example, the invitation and/or access mechanism may comprise a link, such a hyperlink, that includes the validation data such as a contact (e.g., email address), a validation code, and/or the like that is populated in the guest portal upon activation of the link.
Here, the validation data may be unique to the third party so that the validation data can only be used in registering the third party with the data exchange service. In addition, the guest portal may lock the validation data once the data has been populated in the guest portal so that the validation data cannot be edited by the personnel. The guest portal may be configured in such a manner as to ensure that the validation data has been populated in the guest portal via the invitation and/or access mechanism, and that the third party (personnel thereof) is actually registering the third party with the data exchange service.
In additional or alternative aspects, the process invitation link module 140 may provide one or more graphical user interfaces for display to the personnel. Here, the one or more graphical user interfaces may request the personnel to provide the validation data such as a contact (e.g., email address), a validation code, and/or the like through which the third party received the invitation (e.g., the invitation and/or access mechanism) to register with the data exchange service. For example, the process invitation link module 140 may provide a graphical user interface for display that requests the validation data and provides an input control on the interface for the personnel to fill in and submit the contact.
In Operation 830, the process invitation link module 140 validates the registration of the third party with the data exchange service based on the validation data. For example, the process invitation link module 140 may compare the validation data (e.g., the contact, the validation code, and/or the link) with validation data the data exchange computing platform 100 has linked to the invitation and/or access mechanism sent to the third party. In various aspects, the process invitation link module 140 performs the validation to ensure that proper (e.g., authorized) personnel who are actually associated with the third party are registering the third party with the data exchange service.
In additional or alternative aspects, the process invitation link module 140 may also perform one or more checks in validating the registration of the third party with the data exchange service. For example, the process invitation link module 140 may determine whether the contact (e.g., personnel associated with the contact) and/or third party has been placed on a blacklist that prohibits the contact in registering a third party with the data exchange service and/or the third party is prohibited with registering with the data exchange service. In another example, the process invitation link module 140 may determine whether the contact (e.g., personnel associated with the contact) is associated with a competitor of the third party.
In Operation 835, the process invitation link module 140 determines whether the registration of the third party has been validated. If not, then the process invitation link module 140 may provide the personnel with an error in Operation 840. For example, the process invitation link module 140 may cause the display of an error message via the guest portal to indicate to the personnel that an error has occurred in validating the registration of the third party with the data exchange service.
Turning to FIG. 8B, if instead the process invitation link module 140 determines that the registration of the third party has been validated, then the process invitation link module 140 sends a tenant notification to the third party in Operation 845. For example, the process invitation link module 140 may send the third party an electronic communication, such as an email, text message, platform message (e.g., LinkedIn®), and/or the like, to the third party to notify the third party that an attempt is being made to register the third party with the data exchange service. In addition, the tenant notification may include credentials for the third party to use to access the data exchange service (e.g., to access the third party's tenant instance) such as a username and/or password. Further, the tenant notification may include a confirmation mechanism, such as a hyperlink, that the third party (e.g., personnel thereof) can activate to confirm the third party's registration with the data exchange service.
In Operation 850, the process invitation link module 140 determines whether confirmation for registration of the third party with the data exchange service has been received. For example, the process invitation link module 140 may receive an indication of the third party (e.g., personnel thereof) logging into the data exchange service using the credentials sent to the third party. In an additional or alternative example, the process invitation link module 140 may receive an indication of an activation of the confirmation mechanism provided in the tenant notification sent to the third party. If confirmation is not received (e.g. within a particular time period and/or an indication is received that registration of the third party has not been confirmed), then the process invitation link module 140 simply exists the process 800 in Operation 855.
However, if the process invitation link module 140 determines the registration of the third party has been confirmed, then the process invitation link module 140 generates a tenant instance for the third party on the data exchange computing platform 100 in Operation 860. In addition to generating the tenant instance, the process invitation link module 140 can create a link to access the request submitted by the first party on the third party's tenant instance in Operation 865. In addition, the process invitation link module 140 can determine whether the request involves an electronic assessment that the first party has submitted to have the third party complete in Operation 870. If so, then the process invitation link module 140 can create a link to access the electronic assessment on the third party's tenant instance in Operation 875. The process invitation link module 140 can then exist the process 800 in Operation 860.
As a result, the data exchange computing platform 100 can make the request, and accompanying electronic assessment if there is one, available through the data exchange service. Therefore, upon the data exchange computing platform 100 receiving an indication of the third party (personnel thereof) logging into the service, the data exchange computing platform 100 can provide the third party with access to the request and/or the electronic assessment through the third party's tenant instance.
The data exchange computing platform 100 may then receive an artifact uploaded through the third party's tenant instance to fulfill the request and in turn, make the uploaded artifact available to the first party who submitted the request through the first party's tenant instance on the data exchange computing platform 100. In doing so, the data exchange computing platform 100 can facilitate exchange of the artifact between the first and third parties without the first party's computing environment 170 and the third party's computing environment 180 having to directly interact to exchange the artifact. As a result, the data exchange computing platform 100 can address many of the technical challenges that may be encountered due to different functionality, capabilities, interfaces, and/or the like between the first party and third party computing environments 170, 180.

Claim Profile Module

Turning now to FIG. 9 , additional details are provided regarding a claim profile module 145 used for linking a trust profile to a third party tenant instance in accordance with various aspects. Accordingly, the flow diagram shown in FIG. 9 may correspond to operations executed, for example, by computing hardware found in the data exchange computing platform 100 as described herein, as the computing hardware executes the claim profile module 145.
In various aspects, the data exchange computing platform 100 provides third party trust profiles to further assist third parties with providing first parties with access to data (e.g., various artifacts) of the third parties. A third party trust profile can serve as an electronic forum available through the data exchange service that is controlled by a particular (associated) third party with respect to making data available through the third part trust profile.
In various aspects, the data exchange computing platform 100 may provide one or more graphical user interfaces through the data exchange service to allow third parties (e.g., personnel thereof) to view third party trust profiles that have been created on the data exchange computing platform 100 for various third parties, but have yet to be claimed by the third parties. For example, the data exchange computing platform 100 may include a third party trust profile that may have been created for a particular third party who is not currently a tenant of the data exchange service, but who provides a service that is frequently used by many of the first parties who are tenants of the data exchange service. Here, the third party trust profile for the particular third party may provide information that is publicly available for the third party that may have been gathered from publicly available data sources such as the particular third party's public facing website. The data exchange computing platform 100 may include such third party trust profiles to make the publicly available information more readily and/or conveniently available for first party tenants of the data exchange service.
Accordingly, the particular third party may become a tenant of the data exchange service and decide to claim the third party trust profile or may instead, as a guest of the data exchange service, decide to claim the third party trust profile. Therefore, the data exchange computing platform 100 may receive a request from the particular third party (e.g., third party claimant) to claim the third party trust profile that is available through the data exchange service, but has not yet been claimed by the third party. Upon receiving the request, the data exchange computing platform 100 can invoke the claim profile module 145 to process the request.
Therefore, the process 900 involves the claim profile module 145 receiving the request in Operation 910. In response to receiving the request, the claim profile module 145 locks the third party trust profile on the data exchange computing platform 100 in Operation 915 so that the trust profile is unavailable for another third party to claim. The claim profile module 145 performs this particular operation in various aspects so that a third party trust profile on the data exchange computing platform 100 is not (accidently) linked to multiple third parties.
In Operation 920, the claim profile module 145 determines whether the third party's request to claim the third party trust profile is valid. In some aspects, the claim profile module 145 performs this particular operation without human intervention, or with minimal human intervention. For example, the request may include data (information) on the third party and/or personnel (e.g., an individual) who is submitting the request that can then be used by the claim profile module 145 to validate the request for the third party trust profile. As a specific example, the data may include identification information on personnel (e.g., the individual) who submitted the request on behalf of the third party. Here, the claim profile module 145 may use the identification information to investigate publicly available information found through various data sources (e.g., information found on LinkedIn®) to determine that the request is legitimate and that the proper third party (and/or personnel thereof) is claiming the third party trust profile. In other aspects, the claim profile module 145 submits the request to validation personnel who then conducts a validation process to validate that the request is legitimate.
If the claim profile module 145 determines the request has not been validated, then the claim profile module 145 unlocks the third party trust profile in Operation 925. As a result, the third party trust profile is again available through the data exchange service to be claimed by another (e.g., valid) third party. In Operation 930, the claim profile module 145 informs the third party that the request to link the third party profile with the third party (with the third party's tenant instance) could not be validated and has been rejected. For example, the claim profile module 145 may provide an electronic notification through the third party's tenant instance and/or the claim profile module 145 may send an electronic notification, such as an email, to the third party informing the third party that the request has been rejected.
If instead the claim profile module 145 determines the request has been validated, then the claim profile module 145 determines whether the third party is a current tenant of the data exchange service in Operation 935. If the claim profile module 145 determines the third party is not currently a tenant of the data exchange service, then the claim profile module 145 creates a tenant instance for the third party on the data exchange computing platform 100 in Operation 940. In various aspects, the claim profile module 145 may perform this particular operation in a similar manner as the process invitation link module 140. For example, the claim profile module 145 may perform validation and/or confirmation operations similar to the validation and/or confirmation operations performed by the process invitation link module 140.
In Operation 945, the claim profile module 145 links the third party trust profile to the third party's tenant instance. In Operation 930, the claim profile module 145 notifies the third party that the third party trust profile has been linked to the third party's tenant instance. For example, the claim profile module 145 may provide a notification through the third party's tenant instance and/or the claim profile module 145 may send an electronic notification, such as an email, to the third party informing the third party that the third party trust profile has been linked to the third party's tenant instance. As a result, the data exchange computing platform 100 provides access and control of the third party trust profile to the third party (e.g., personnel thereof) through the third party's tenant instance on the data exchange computing platform 100.
In various aspects, the data exchange computing platform 100 can provide a third party with the capabilities to claim and management multiple trust profiles that are associated with the third party. For example, a particular third party may wish to maintain separate trust profiles for each of the third party computer-implemented services being offered by the third party. The data exchange computing platform 100 providing the particular third party with the multiple trust profiles can allow for first parties to location and access needed data (e.g., needed artifacts) for a particular computer-implemented service that is being offered by the particular third party without the first parties having to sift through data for other computing-implemented services being offered by the particular third party. That is to say, the data exchange computing platform 100 providing the particular third party with the multiple trust profiled can facilitate more efficient and effective exchange of data between the particular third party and first parties.
In addition, the data exchange computing platform 100 can provide additional functionality for the trust profiles that can assist third parties in managing the trust profiles. For example, the data exchange computing platform 100 can provide functionality that allows for attachments to be made available along with certain data, auditing functionality that tracks and logs what first parties and/or personnel thereof who have access certain data through the trust profile, and/or the like.

Example Technical Platforms

Aspects of the present disclosure may be implemented in various ways, including as computer program products that comprise articles of manufacture. Such computer program products may include one or more software components including, for example, software objects, methods, data structures, and/or the like. A software component may be coded in any of a variety of programming languages. An illustrative programming language may be a lower-level programming language such as an assembly language associated with a particular hardware architecture and/or operating system platform. A software component comprising assembly language instructions may require conversion into executable machine code by an assembler prior to execution by the hardware architecture and/or platform. Another example programming language may be a higher-level programming language that may be portable across multiple architectures. A software component comprising higher-level programming language instructions may require conversion to an intermediate representation by an interpreter or a compiler prior to execution.
Other examples of programming languages include, but are not limited to, a macro language, a shell or command language, a job control language, a script language, a database query, or search language, and/or a report writing language. In one or more example aspects, a software component comprising instructions in one of the foregoing examples of programming languages may be executed directly by an operating system or other software component without having to be first transformed into another form. A software component may be stored as a file or other data storage construct. Software components of a similar type or functionally related may be stored together such as, for example, in a particular directory, folder, or library. Software components may be static (e.g., pre-established, or fixed) or dynamic (e.g., created or modified at the time of execution).
A computer program product may include a non-transitory computer-readable storage medium storing applications, programs, program modules, scripts, source code, program code, object code, byte code, compiled code, interpreted code, machine code, executable instructions, and/or the like (also referred to herein as executable instructions, instructions for execution, computer program products, program code, and/or similar terms used herein interchangeably). Such non-transitory computer-readable storage media include all computer-readable media (including volatile and non-volatile media).
In some aspects, a non-volatile computer-readable storage medium may include a floppy disk, flexible disk, hard disk, solid-state storage (SSS) (e.g., a solid-state drive (SSD), solid state card (SSC), solid state module (SSM)), enterprise flash drive, magnetic tape, or any other non-transitory magnetic medium, and/or the like. A non-volatile computer-readable storage medium may also include a punch card, paper tape, optical mark sheet (or any other physical medium with patterns of holes or other optically recognizable indicia), compact disc read only memory (CD-ROM), compact disc-rewritable (CD-RW), digital versatile disc (DVD), Blu-ray disc (BD), any other non-transitory optical medium, and/or the like. Such a non-volatile computer-readable storage medium may also include read-only memory (ROM), programmable read-only memory (PROM), erasable programmable read-only memory (EPROM), electrically erasable programmable read-only memory (EEPROM), flash memory (e.g., Serial, NAND, NOR, and/or the like), multimedia memory cards (MMC), secure digital (SD) memory cards, SmartMedia cards, CompactFlash (CF) cards, Memory Sticks, and/or the like. Further, a non-volatile computer-readable storage medium may also include conductive-bridging random access memory (CBRAM), phase-change random access memory (PRAM), ferroelectric random-access memory (FeRAM), non-volatile random-access memory (NVRAM), magnetoresistive random-access memory (MRAM), resistive random-access memory (RRAM), Silicon-Oxide-Nitride-Oxide-Silicon memory (SONOS), floating junction gate random access memory (FJG RAM), Millipede memory, racetrack memory, and/or the like.
In some aspects, a volatile computer-readable storage medium may include random access memory (RAM), dynamic random access memory (DRAM), static random access memory (SRAM), fast page mode dynamic random access memory (FPM DRAM), extended data-out dynamic random access memory (EDO DRAM), synchronous dynamic random access memory (SDRAM), double data rate synchronous dynamic random access memory (DDR SDRAM), double data rate type two synchronous dynamic random access memory (DDR2 SDRAM), double data rate type three synchronous dynamic random access memory (DDR3 SDRAM), Rambus dynamic random access memory (RDRAM), Twin Transistor RAM (TTRAM), Thyristor RAM (T-RAM), Zero-capacitor (Z-RAM), Rambus in-line memory module (RIMM), dual in-line memory module (DIMM), single in-line memory module (SIMM), video random access memory (VRAM), cache memory (including various levels), flash memory, register memory, and/or the like. It will be appreciated that where various aspects are described to use a computer-readable storage medium, other types of computer-readable storage media may be substituted for or used in addition to the computer-readable storage media described above.
Various aspects of the present disclosure may also be implemented as methods, apparatuses, systems, computing devices, computing entities, and/or the like. As such, various aspects of the present disclosure may take the form of a data structure, apparatus, system, computing device, computing entity, and/or the like executing instructions stored on a computer-readable storage medium to perform certain steps or operations. Thus, various aspects of the present disclosure also may take the form of entirely hardware, entirely computer program product, and/or a combination of computer program product and hardware performing certain steps or operations.
Various aspects of the present disclosure are described below with reference to block diagrams and flowchart illustrations. Thus, each block of the block diagrams and flowchart illustrations may be implemented in the form of a computer program product, an entirely hardware aspect, a combination of hardware and computer program products, and/or apparatuses, systems, computing devices, computing entities, and/or the like carrying out instructions, operations, steps, and similar words used interchangeably (e.g., the executable instructions, instructions for execution, program code, and/or the like) on a computer-readable storage medium for execution. For example, retrieval, loading, and execution of code may be performed sequentially such that one instruction is retrieved, loaded, and executed at a time. In some examples of aspects, retrieval, loading, and/or execution may be performed in parallel such that multiple instructions are retrieved, loaded, and/or executed together. Thus, such aspects can produce specially configured machines performing the steps or operations specified in the block diagrams and flowchart illustrations. Accordingly, the block diagrams and flowchart illustrations support various combinations of aspects for performing the specified instructions, operations, or steps.

Example System Architecture

FIG. 10 is a block diagram of a system architecture 1000 that can be used in providing the data exchange service that is accessible to various first and third party computing environments 170, 180 according to various aspects as detailed herein. As may be understood from FIG. 10 , the system architecture 1000 in various aspects includes a data exchange computing platform 100. Here, the data exchange computing platform 100 can comprise one or more data exchange computing systems 1010. Each data exchange computing system 1010 can include various hardware components such as one or more data exchange servers 1015.
In addition, the data exchange computing platform 100 can include a repository 150. The repository 150 may be made up of one or more computing components such as servers, routers, data storage, networks, and/or the like that are used on the data exchange computing platform 100 to store and manage data associated with first and/or third parties who are tenants of the data exchange service. For example, the repository 150 may store and manage data associated with various tenant instances found on the data exchange computing platform 100 for the various first and/or third parties such as artifacts that are to be made available through the data exchange service, requests made for data artifacts through the data exchange service, third party trust profiles for various third parties, answer libraries used in autocompleting electronic assessments for various third parties, and/or the like.
Accordingly, the data exchange computing platform 100 may provide the data exchange service to various first and/or third parties by making the service available over one or more networks 160. Here, a first and/or third party may access the service via a first and/or third computing environment 170, 180 associated with the party interacting with the data exchange computing platform 100. For example, the data exchange computing platform 100 may provide the service through a website that is accessible to the first and/or third party's computing environment 170, 180 over the one or more networks 160.
According, the data exchange server(s) 1015 found within the one or more data exchange computing systems 1010 may execute an artifact request module 110, a process request link module 115, an autocompletion assessment module 120, an ingest module 125, an identify answers module 130, a populate assessment module 135, a process invitation link module 140, and/or a claim profile module 145 as described herein. Further, according to particular aspects, the data exchange server(s) 1010 may provide one or more portals that include one or more graphical user interfaces (e.g., one or more webpages, webform, and/or the like through the website) through which personnel of a first and/or third party can interact with the data exchange computing platform 100. Furthermore, the data exchange server(s) 1010 may provide one or more interfaces that allow the data exchange computing platform 100 to communicate with first and/or third party computing environment(s) 170, 180 such as one or more suitable application programming interfaces (APIs), direct connections, and/or the like.

Example Computing Hardware

FIG. 11 illustrates a diagrammatic representation of a computing hardware device 1100 that may be used in accordance with various aspects. For example, the hardware device 1100 may be computing hardware such as a data exchange server 1015 as described in FIG. 10 . According to particular aspects, the hardware device 1100 may be connected (e.g., networked) to one or more other computing entities, storage devices, and/or the like via one or more networks such as, for example, a LAN, an intranet, an extranet, and/or the Internet. As noted above, the hardware device 1100 may operate in the capacity of a server and/or a client device in a client-server network environment, or as a peer computing device in a peer-to-peer (or distributed) network environment. In some aspects, the hardware device 1100 may be a personal computer (PC), a tablet PC, a set-top box (STB), a Personal Digital Assistant (PDA), a mobile device (smartphone), a web appliance, a server, a network router, a switch or bridge, or any other device capable of executing a set of instructions (sequential or otherwise) that specify actions to be taken by that device. Further, while only a single hardware device 1100 is illustrated, the term “hardware device,” “computing hardware,” and/or the like shall also be taken to include any collection of computing entities that individually or jointly execute a set (or multiple sets) of instructions to perform any one or more of the methodologies discussed herein.
A hardware device 1100 includes a processor 1102, a main memory 1104 (e.g., read-only memory (ROM), flash memory, dynamic random-access memory (DRAM) such as synchronous DRAM (SDRAM), Rambus DRAM (RDRAM), and/or the like), a static memory 1106 (e.g., flash memory, static random-access memory (SRAM), and/or the like), and a data storage device 1118, that communicate with each other via a bus 1132.
The processor 1102 may represent one or more general-purpose processing devices such as a microprocessor, a central processing unit, and/or the like. According to some aspects, the processor 1102 may be a complex instruction set computing (CISC) microprocessor, reduced instruction set computing (RISC) microprocessor, very long instruction word (VLIW) microprocessor, a processor implementing other instruction sets, processors implementing a combination of instruction sets, and/or the like. According to some aspects, the processor 1102 may be one or more special-purpose processing devices such as an application specific integrated circuit (ASIC), a field programmable gate array (FPGA), a digital signal processor (DSP), network processor, and/or the like. The processor 1102 can execute processing logic 1126 for performing various operations and/or steps described herein.
The hardware device 1100 may further include a network interface device 1108, as well as a video display unit 1110 (e.g., a liquid crystal display (LCD), a cathode ray tube (CRT), and/or the like), an alphanumeric input device 1112 (e.g., a keyboard), a cursor control device 1114 (e.g., a mouse, a trackpad), and/or a signal generation device 1116 (e.g., a speaker). The hardware device 1100 may further include a data storage device 1118. The data storage device 1118 may include a non-transitory computer-readable storage medium 1130 (also known as a non-transitory computer-readable storage medium or a non-transitory computer-readable medium) on which is stored one or more modules 1122 (e.g., sets of software instructions) embodying any one or more of the methodologies or functions described herein. For instance, according to particular aspects, the modules 1122 include an artifact request module 110, a process request link module 115, an autocompletion assessment module 120, an ingest module 125, an identify answers module 130, a populate assessment module 135, a process invitation link module 140, and/or a claim profile module 145 as described herein. The one or more modules 1122 may also reside, completely or at least partially, within main memory 1104 and/or within the processor 1102 during execution thereof by the hardware device 1100—main memory 1104 and processor 1102 also constituting computer-accessible storage media. The one or more modules 1122 may further be transmitted or received over a network 160 via the network interface device 1108.
While the computer-readable storage medium 1130 is shown to be a single medium, the terms “computer-readable storage medium” and “machine-accessible storage medium” should be understood to include a single medium or multiple media (e.g., a centralized or distributed database, and/or associated caches and servers) that store the one or more sets of instructions. The term “computer-readable storage medium” should also be understood to include any medium that is capable of storing, encoding, and/or carrying a set of instructions for execution by the hardware device 1100 and that causes the hardware device 1100 to perform any one or more of the methodologies of the present disclosure. The term “computer-readable storage medium” should accordingly be understood to include, but not be limited to, solid-state memories, optical and magnetic media, and/or the like.

System Operation

The logical operations described herein may be implemented (1) as a sequence of computer implemented acts or one or more program modules running on a computing system and/or (2) as interconnected machine logic circuits or circuit modules within the computing system. The implementation is a matter of choice dependent on the performance and other requirements of the computing system. Accordingly, the logical operations described herein are referred to variously as states, operations, steps, structural devices, acts, or modules. These states, operations, steps, structural devices, acts, and modules may be implemented in software, in firmware, in special purpose digital logic, and any combination thereof. Greater or fewer operations may be performed than shown in the figures and described herein. These operations also may be performed in a different order than those described herein.

CONCLUSION

While this specification contains many specific aspect details, these should not be construed as limitations on the scope of any invention or of what may be claimed, but rather as descriptions of features that may be specific to particular aspects of particular inventions. Certain features that are described in this specification in the context of separate aspects also may be implemented in combination in a single aspect. Conversely, various features that are described in the context of a single aspect also may be implemented in multiple aspects separately or in any suitable sub-combination. Moreover, although features may be described above as acting in certain combinations and even initially claimed as such, one or more features from a claimed combination may in some cases be excised from the combination, and the claimed combination may be a sub-combination or variation of a sub-combination.
Similarly, while operations are described in a particular order, this should not be understood as requiring that such operations be performed in the particular order described or in sequential order, or that all described operations be performed, to achieve desirable results. In certain circumstances, multitasking and parallel processing may be advantageous. Moreover, the separation of various components in the various aspects described above should not be understood as requiring such separation in all aspects, and the described program components (e.g., modules) and systems may be integrated together in a single software product or packaged into multiple software products.
Many modifications and other aspects of the disclosure will come to mind to one skilled in the art to which this disclosure pertains having the benefit of the teachings presented in the foregoing descriptions and the associated drawings. Therefore, it is to be understood that the disclosure is not to be limited to the specific aspects disclosed and that modifications and other aspects are intended to be included within the scope of the appended claims. Although specific terms are employed herein, they are used in a generic and descriptive sense only and not for the purposes of limitation.

Claims

1. A method comprising:

receiving, by computing hardware, a request on behalf of a first party to have a third party provide an electronic artifact, wherein:

the request is submitted by the first party through a data exchange computing platform,

the data exchange computing platform provides a data exchange service that facilitates exchange of electronic artifacts between a plurality of tenants of the data exchange computing platform, and

the first party is a first tenant of the plurality of tenants and has a first tenant instance on the data exchange computing platform;

determining, by the computing hardware, that the third party is not a tenant of the plurality of tenants;

responsive to determining the third party is not the tenant of the plurality of tenants, sending, by the computing hardware, an electronic notification on behalf of the first party to the third party requesting the electronic artifact, wherein the electronic notification comprises an invitation mechanism for facilitating registration of the third party with the data exchange service;

receiving, by the computing hardware, an indication of an activation of the invitation mechanism; and

responsive to receiving the indication:

generating, by the computing hardware, a second tenant instance on the data exchange computing platform for the third party to facilitate the third party being a second tenant of the plurality of tenants; and

providing, by the computing hardware, access to the request via the second tenant instance so that the request is automatically available to the third party through the data exchange service.

2. The method of claim 1 further comprising:

providing, by the computing hardware, an upload mechanism through the second tenant instance to facilitate the third party uploading the electronic artifact into the data exchange computing platform;

receiving, by the computing hardware and via the upload mechanism, the electronic artifact; and

responsive to receiving the electronic artifact:

providing, by the computing hardware, access to the electronic artifact to the first party through the first tenant instance; and

sending, by the computing hardware, a second electronic notification to the first party indicating the electronic artifact is available through the data exchange service.

3. The method of claim 1, wherein the electronic artifact comprises an assessment to be completed by the third party and the method further comprises:

providing, by the computing hardware, an access mechanism through the second tenant instance to facilitate the third party accessing the assessment via the data exchange service;

receiving, by the computing hardware, a second indication of a second activation of the access mechanism;

responsive to receiving the second indication, providing, by the computing hardware, access to the assessment through the second tenant instance;

providing, by the computing hardware, an upload mechanism through the second tenant instance to facilitate the third party uploading a completed version of the assessment into the data exchange computing platform;

receiving, by the computing hardware and via the upload mechanism, the completed version of the assessment; and

responsive to receiving the completed version of the assessment:

providing, by the computing hardware, access to the completed version of the assessment to the first party through the first tenant instance; and

sending, by the computing hardware, a second electronic notification to the first party indicating the completed version of the assessment is available through the data exchange service.

4. The method of claim 3, wherein providing the upload mechanism through the second tenant instance to facilitate the third party uploading the completed version of the assessment into the data exchange computing platform comprises:

providing, by the computing hardware, access to autocompletion assessment software through the second tenant instance, wherein the assessment comprises a set of questions and the autocompletion assessment software is configured to automatically identify answers to the set of questions based on previous answers to previous questions provided by the third party in a previous assessment completed by the third party; and

processing, by the computing hardware, the assessment using the autocompletion assessment software to identify an answer to at least one question of the set of questions and to load the answer to the at least one question into the assessment as part of generating the completed version of the assessment.

5. The method of claim 1, wherein generating the second tenant instance on the data exchange computing platform for the third party to facilitate the third party being the second tenant of the plurality of tenants comprises:

sending, by the computing hardware, a second electronic communication comprising a conformation mechanism for confirming creation of the second tenant instance for the third party;

receiving, by the computing hardware, a second indication of an activation of the conformation mechanism; and

responsive to receiving the second indication, creating, by the computing hardware, the second tenant instance on the data exchange computing platform.

6. The method of claim 1 further comprising:

receiving, by the computing hardware and via the second tenant instance, a second request to claim a third party trust profile, wherein the third party trust profile is configured for allowing the third party to manage availability of the electronic artifacts through the data exchange service to the plurality of tenants; and

responsive to receiving the second request:

locking, by the computing hardware, the third party trust profile so that the third party trust profile is unavailable to be claimed by another tenant of the plurality of tenants;

submitting, by the computing hardware, the second request to claim the third party trust profile to be validated;

receiving, by the computing hardware, a second indication that the second request to claim the third party trust profile has been validated; and

responsive to receiving the second indication, linking the third party trust profile to the second tenant instance in the data exchange computing platform so that the third party trust profile is available to the third party through the second tenant instance.

7. The method of claim 6 further comprising:

receiving, by the computing hardware and via the second tenant instance, a third request to post a particular electronic artifact to the third party trust profile;

receiving, by the computing hardware, the particular electronic artifact uploaded through the second tenant instance by the third party; and

posting, by the computing hardware, the particular electronic artifact to the third party trust profile so that the particular electronic artifact is publicly available to the plurality of tenants.

8. A system comprising:

a non-transitory computer-readable medium storing instructions; and

a processing device communicatively coupled to the non-transitory computer-readable medium,

wherein, the processing device is configured to execute the instructions and thereby perform operations comprising:

responsive to receiving the indication:

9. The system of claim 8, wherein the operations further comprise:

responsive to receiving the electronic artifact:

10. The system of claim 8, wherein the electronic artifact comprises an assessment to be completed by the third party and the operations further comprises:

responsive to receiving the completed version of the assessment:

11. The system of claim 10, wherein providing the upload mechanism through the second tenant instance to facilitate the third party uploading the completed version of the assessment into the data exchange computing platform comprises:

12. The system of claim 8, wherein generating the second tenant instance on the data exchange computing platform for the third party to facilitate the third party being the second tenant of the plurality of tenants comprises:

13. The system of claim 8, wherein the operations further comprise:

responsive to receiving the second request:

14. A non-transitory computer-readable medium storing computer-executable instructions that, when executed by computing hardware, configure the computing hardware to perform operations comprising:

the request is submitted by the first party through a data exchange computing platform, the data exchange computing platform provides a data exchange service that facilitates exchange of electronic artifacts between a plurality of tenants of the data exchange computing platform, and

responsive to receiving the indication:

15. The non-transitory computer-readable medium of claim 14, wherein the operations further comprise:

responsive to receiving the electronic artifact:

16. The non-transitory computer-readable medium of claim 14, wherein the electronic artifact comprises an assessment to be completed by the third party and the operations further comprises:

responsive to receiving the completed version of the assessment:

17. The non-transitory computer-readable medium of claim 16, wherein providing the upload mechanism through the second tenant instance to facilitate the third party uploading the completed version of the assessment into the data exchange computing platform comprises:

18. The non-transitory computer-readable medium of claim 14, wherein generating the second tenant instance on the data exchange computing platform for the third party to facilitate the third party being the second tenant of the plurality of tenants comprises:

19. The non-transitory computer-readable medium of claim 14, wherein the operations further comprise:

responsive to receiving the second request:

20. The non-transitory computer-readable medium of claim 19, wherein the operations further comprise: